Lucene search

51 matches found

CVE
added 2026/04/06 7:24 p.m., 7 views

CVE-2026-35185

Summary: CVE-2026-35185 affects HAX CMS prior to version 25.0.0, where the /server-status endpoint is publicly accessible and can disclose sensitive information without authentication. What is affected: HAX CMS with PHP or Node.js backends. Impact (as stated): Exposure of authentication tokens (u...

CVSS 8.7, AI score 5.9, EPSS 0.00355
Exploits 1, References 1, Affected Software 1
Cvelist
added 2026/04/06 7:24 p.m., 19 views

CVE-2026-35185 HAX CMS's public /server-status endpoint exposes authentication tokens, user activity, and client IP addresses

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to 25.0.0, the /server-status endpoint is publicly accessible and exposes sensitive information including authentication tokens usertoken, user activity, client IP addresses, and server configuration details. This allows a...

CVSS 8.7, EPSS 0.00355
Exploits 1, References 1
RedhatCVE
added 2026/01/09 12:44 p.m., 7 views

CVE-2005-1716

TOPo 2.2 2.2.178 stores data files in the data directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as client IP addresses...

CVSS 5, AI score 6.6, EPSS 0.01548
Exploits 1, References 1
RedhatCVE
added 2026/01/09 12:31 p.m., 8 views

CVE-2023-4281

This Activity Log WordPress plugin before 2.8.8 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic...

CVSS 5.3, AI score 6.6, EPSS 0.00627
Exploits 2, References 1
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2007-4736

Malware in sbrugna...

CVSS 5, AI score 6.3, EPSS 0.02195
Exploits 1, References 11
EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2005-1718

Malware in sbrugna...

CVSS 5, AI score 6.4, EPSS 0.01548
Exploits 1, References 5
EUVD
added 2025/10/03 8:07 p.m., 4 views

EUVD-2023-54152

Malicious code in bioql PyPI...

CVSS 5.3, AI score 6.5, EPSS 0.00627
Exploits 2, References 1
EUVD
added 2025/10/03 8:07 p.m., 3 views

EUVD-2023-57566

Malicious code in bioql PyPI...

CVSS 7.5, AI score 7.5, EPSS 0.00653
Exploits 2, References 1
EUVD
added 2025/10/03 8:07 p.m., 4 views

EUVD-2024-16747

Malicious code in bioql PyPI...

CVSS 7.5, AI score 8.1, EPSS 0.0031
Exploits 2, References 3
Veracode
added 2025/06/03 4:51 a.m., 6 views

Spoofing Attack

org.springframework.cloud, spring-cloud-gateway-server is vulnerable to Spoofing Attack. The vulnerability is due to insufficient validation of X-Forwarded-For and Forwarded headers from untrusted proxies, allowing attackers to spoof client IP addresses...

CVSS 8.6, AI score 6.6, EPSS 0.00276
Exploits 0, References 3, Affected Software 2
RedhatCVE
added 2025/05/17 9:01 p.m., 15 views

CVE-2024-0970

This User Activity Tracking and Log WordPress plugin before 4.1.4 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value...

CVSS 7.5, AI score 6.7, EPSS 0.0031
Exploits 2, References 1
NVD
added 2024/10/30 2:15 p.m., 28 views

CVE-2024-23309

The LevelOne WBR-6012 router with firmware R0.40e6 has an authentication bypass vulnerability in its web application due to reliance on client IP addresses for authentication. Attackers could spoof an IP address to gain unauthorized access without needing a session token...

CVSS 9, EPSS 0.00914
Exploits 1, References 2
CVE
added 2024/10/30 1:35 p.m., 47 views

CVE-2024-23309

CVE-2024-23309 affects LevelOne WBR-6012 router with firmware R0.40e6, where the web application authenticates based on the client IP rather than a session token. Talos documents a vulnerability in the web UI that allows an attacker to spoof the client IP and gain unauthorized access, bypassing a...

CVSS 9, AI score 7.5, EPSS 0.00914
Exploits 1, References 2, Affected Software 1
Vulnrichment
added 2024/10/30 1:35 p.m., 17 views

CVE-2024-23309

The LevelOne WBR-6012 router with firmware R0.40e6 has an authentication bypass vulnerability in its web application due to reliance on client IP addresses for authentication. Attackers could spoof an IP address to gain unauthorized access without needing a session token...

CVSS 9, AI score 7.5, EPSS 0.00914
Exploits 1, References 1
Packet Storm
added 2024/09/01 12:00 a.m., 206 views

JBoss Status Servlet Information Gathering

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'JBoss Status Servlet Information Gathering', 'Description' = %q This module queries the JBoss status servlet to collect sensitive information,...

CVSS 5, AI score 6.9, EPSS 0.53728
Exploits 9
Tenable Nessus
added 2023/11/07 12:00 a.m., 23 views

Rocky Linux 8 : go-toolset:rhel8 (RLSA-2022:5775)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5775 advisory. - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if...

CVSS 7.5, AI score 7.2, EPSS 0.01875
Exploits 4, References 20
Tenable Nessus
added 2023/11/06 12:00 a.m., 26 views

Rocky Linux 9 : grafana-pcp (RLSA-2022:8250)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:8250 advisory. - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if...

CVSS 7.5, AI score 7.1, EPSS 0.01618
Exploits 2, References 13
IBM Security Bulletins
added 2023/11/01 7:41 p.m., 24 views

Security Bulletin: IBM Storage Ceph is vulnerable via Exposure of Sensitive Information to an Unauthorized Actor in Golang (CVE-2022-32148)

Summary Golang is used by IBM Storage Ceph as part of RGW and in assorted other locations. CVE-2022-32148 Vulnerability Details CVEID: CVE-2022-32148 DESCRIPTION: Golang Go could allow a remote attacker to obtain sensitive information, caused by improper exposure of client IP addresses in net/htt...

CVSS 6.5, AI score 5.9, EPSS 0.01103
Exploits 1, Affected Software 1
NVD
added 2023/10/16 8:15 p.m., 10 views

CVE-2023-5133

This user-activity-log-pro WordPress plugin before 2.3.4 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic...

CVSS 7.5, AI score 7.5, EPSS 0.0055
Exploits 2, References 1
Prion
added 2023/10/16 8:15 p.m., 17 views

Code injection

This user-activity-log-pro WordPress plugin before 2.3.4 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic...

CVSS 5, AI score 7.4, EPSS 0.0055
Exploits 2, References 1, Affected Software 1