Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:30 a.m.10 views

CVE-2019-16645

An issue was discovered in Embedthis GoAhead 2.5.0. Certain pages such as goform/login and config/logoffpage.htm create links containing a hostname obtained from an arbitrary HTTP Host header sent by an attacker. This could potentially be used in a phishing attack...

8.6CVSS6.9AI score0.08183EPSS
Exploits3References1
OpenVAS
OpenVAS
added 2019/09/23 12:0 a.m.544 views

Embedthis GoAhead 2.5.0 HTTP Header Injection Vulnerability - Active Check

Embedthis GoAhead is prone to an HTTP header injection vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.6CVSS8.6AI score0.08183EPSS
Exploits3References1
OSV
OSV
added 2019/09/20 7:15 p.m.3 views

CVE-2019-16645

An issue was discovered in Embedthis GoAhead 2.5.0. Certain pages such as goform/login and config/logoffpage.htm create links containing a hostname obtained from an arbitrary HTTP Host header sent by an attacker. This could potentially be used in a phishing attack...

8.6CVSS7.2AI score0.08183EPSS
Exploits3References2
CVE
CVE
added 2019/09/20 6:24 p.m.534 views

CVE-2019-16645

CVE-2019-16645 affects Embedthis GoAhead 2.5.0 (and potentially similar versions). The issue is an HTTP Host header-based host name leakage in certain pages (e.g., goform/login, config/log_off_page.htm) that causes links to be constructed using an attacker-controlled Host header, enabling phishin...

8.6CVSS8.4AI score0.08183EPSS
Exploits3References2Affected Software1
Rows per page
Query Builder