Lucene search
K

58 matches found

Vulnrichment
Vulnrichment
added 2025/01/31 12:0 a.m.12 views

CVE-2025-23001

A Host header injection vulnerability exists in CTFd 3.7.5, due to the application failing to properly validate or sanitize the Host header. An attacker can manipulate the Host header in HTTP requests, which may lead to phishing attacks, reset password, or cache poisoning. NOTE: the Supplier's...

6.3AI score0.00285EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/01/31 12:0 a.m.17 views

CVE-2025-23001

A Host header injection vulnerability exists in CTFd 3.7.5, due to the application failing to properly validate or sanitize the Host header. An attacker can manipulate the Host header in HTTP requests, which may lead to phishing attacks, reset password, or cache poisoning. NOTE: the Supplier's...

0.00285EPSS
Exploits0References3
CVE
CVE
added 2025/01/31 12:0 a.m.103 views

CVE-2025-23001

CVE-2025-23001 affects CTFd 3.7.5. The vulnerability is a Host header injection caused by insufficient validation/sanitization of the Host header in HTTP requests. Potential impacts include phishing, password reset manipulation, and cache poisoning as described in multiple sources. Some entries n...

6.1CVSS6.3AI score0.00285EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/01/30 10:40 p.m.9 views

CVE-2025-24886 pwn.college has Symlink LFI in Dojo repos

pwn.college is an education platform to learn about, and practice, core cybersecurity concepts in a hands-on fashion. Incorrect symlink checks on user specified dojos allows for users admin not required to perform an LFI from the CTFd container. When a user clones or updates repositories, a check...

7.7CVSS7.6AI score0.00455EPSS
Exploits0References1
OSV
OSV
added 2025/01/30 10:40 p.m.2 views

CVE-2025-24886 pwn.college has Symlink LFI in Dojo repos

pwn.college is an education platform to learn about, and practice, core cybersecurity concepts in a hands-on fashion. Incorrect symlink checks on user specified dojos allows for users admin not required to perform an LFI from the CTFd container. When a user clones or updates repositories, a check...

7.7CVSS6.7AI score0.00455EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/30 12:0 a.m.6 views

PT-2025-5593 · Unknown · Pwn.College

Name of the Vulnerable Software and Affected Versions: pwn.college affected versions not specified Description: The issue is related to incorrect symlink checks on user-specified dojos, allowing users to perform a Local File Inclusion LFI from the CTFd container without requiring admin privileges...

7.7CVSS6.8AI score0.00455EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/01/30 12:0 a.m.8 views

DOJO 安全漏洞

DOJO is an open source JavaScript toolkit from pwn.college. DOJO suffers from a security vulnerability that stems from the fact that incorrect symbolic link checking of a user-specified dojo can cause a user to execute an LFI from a CTFd container, which allows a malicious user to make a reposito...

7.7CVSS6.7AI score0.00455EPSS
Exploits0References1
NVD
NVD
added 2025/01/07 4:15 p.m.6 views

CVE-2024-46242

An issue in the validateemail function in CTFd/utils/validators/init.py of CTFd 3.7.3 allows attackers to cause a Regular expression Denial of Service ReDoS via supplying a crafted string as e-mail address during registration...

7.5CVSS0.00694EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/07 12:0 a.m.10 views

CVE-2024-46242

An issue in the validateemail function in CTFd/utils/validators/init.py of CTFd 3.7.3 allows attackers to cause a Regular expression Denial of Service ReDoS via supplying a crafted string as e-mail address during registration...

0.00694EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/07 12:0 a.m.4 views

PT-2025-2733 · Ctfd · Ctfd

Name of the Vulnerable Software and Affected Versions: CTFd version 3.7.3 Description: The issue is related to the validate email function in CTFd/utils/validators/ init .py, which allows attackers to cause a Regular expression Denial of Service ReDoS by providing a crafted string as an email...

7.5CVSS6.8AI score0.00694EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/01/07 12:0 a.m.5 views

CVE-2024-46242

An issue in the validateemail function in CTFd/utils/validators/init.py of CTFd 3.7.3 allows attackers to cause a Regular expression Denial of Service ReDoS via supplying a crafted string as e-mail address during registration...

6.7AI score0.00694EPSS
Exploits0References2
CVE
CVE
added 2025/01/07 12:0 a.m.45 views

CVE-2024-46242

The CVE-2024-46242 entry describes a Regular Expression Denial of Service (ReDoS) in CTFd 3.7.3 caused by the validate_email function in CTFd/utils/validators/init .py. An attacker can trigger the vulnerability by supplying a crafted string as an email address during user registration, potentiall...

7.5CVSS6.9AI score0.00694EPSS
Exploits0References1
NVD
NVD
added 2025/01/02 5:15 p.m.13 views

CVE-2024-11716

While assignment of a user to a team bracket in CTFd should be possible only once, at the registration, a flaw in logic implementation allows an authenticated user to reset it's bracket and then pick a new one, joining another team while a competition is already ongoing. This issue impacts releas...

5.3CVSS0.11659EPSS
Exploits0References6
NVD
NVD
added 2025/01/02 5:15 p.m.16 views

CVE-2024-11717

Tokens in CTFd used for account activation and password resetting can be used interchangeably for these operations. When used, they are sent to the server as a GET parameter and they are not single use, which means, that during token expiration time an on-path attacker might reuse such a token to...

6.3CVSS0.0064EPSS
Exploits0References6
CVE
CVE
added 2025/01/02 4:8 p.m.70 views

CVE-2024-11717

CTFd (CTFd project) is affected by CVE-2024-11717. Tokens used for account activation and password resets are interchangeable and are transmitted as GET parameters; tokens are not single-use and can be reused within the expiration window, enabling an on-path attacker to reset a password and take ...

6.3CVSS7.2AI score0.0064EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/01/02 4:8 p.m.13 views

CVE-2024-11717

Tokens in CTFd used for account activation and password resetting can be used interchangeably for these operations. When used, they are sent to the server as a GET parameter and they are not single use, which means, that during token expiration time an on-path attacker might reuse such a token to...

6.3CVSS7.2AI score0.0064EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/01/02 4:8 p.m.17 views

CVE-2024-11717

Tokens in CTFd used for account activation and password resetting can be used interchangeably for these operations. When used, they are sent to the server as a GET parameter and they are not single use, which means, that during token expiration time an on-path attacker might reuse such a token to...

6.3CVSS0.0064EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/01/02 4:7 p.m.7 views

CVE-2024-11716

While assignment of a user to a team bracket in CTFd should be possible only once, at the registration, a flaw in logic implementation allows an authenticated user to reset it's bracket and then pick a new one, joining another team while a competition is already ongoing. This issue impacts releas...

5.3CVSS6.5AI score0.11659EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/01/02 4:7 p.m.16 views

CVE-2024-11716

While assignment of a user to a team bracket in CTFd should be possible only once, at the registration, a flaw in logic implementation allows an authenticated user to reset it's bracket and then pick a new one, joining another team while a competition is already ongoing. This issue impacts releas...

5.3CVSS0.11659EPSS
Exploits0References5
CVE
CVE
added 2025/01/02 4:7 p.m.59 views

CVE-2024-11716

CVE-2024-11716 (CTFd) : A logic flaw in CTFd allows an authenticated user to reset their bracket after registration and join another team while a competition is ongoing. Affected releases: 3.7.0—3.7.4. The issue was addressed in 3.7.5 via pull request 2636. Practical impact: potentially enables b...

5.3CVSS6.8AI score0.11659EPSS
Exploits0References6
Rows per page
Query Builder