Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/02/13 6:3 p.m.15 views

CVE-2022-23513

Pi-Hole is a network-wide ad blocking via your own Linux hardware, AdminLTE is a Pi-hole Dashboard for stats and more. In case of an attack, the threat actor will obtain the ability to perform an unauthorized query for blocked domains on queryads endpoint. In the case of application, this...

5.3CVSS6.7AI score0.40162EPSS
Exploits4References1
0day.today
0day.today
added 2023/09/04 12:0 a.m.233 views

AdminLTE PiHole 5.18 - Broken Access Control Vulnerability

Exploit Title: AdminLTE PiHole ' HTTP requests GET /admin/scripts/pi-hole/php/queryads.php?domain=' HTTP/1.1 HOST: pi.hole Cookie: ..SNIPPED.. ..SNIPPED.. HTTP Response HTTP/1.1 200 OK ..SNIPPED.. data: Match found in ..SNIPPED.. data: data: data:...

5.3CVSS5.3AI score0.40162EPSS
Exploits4
Packet Storm
Packet Storm
added 2023/09/04 12:0 a.m.394 views

AdminLTE PiHole Broken Access Control

Exploit Title: AdminLTE PiHole ' HTTP requests GET /admin/scripts/pi-hole/php/queryads.php?domain=' HTTP/1.1 HOST: pi.hole Cookie: ..SNIPPED.. ..SNIPPED.. HTTP Response HTTP/1.1 200 OK ..SNIPPED.. data: Match found in ..SNIPPED.. data: data: data:...

5.3CVSS7.1AI score0.40162EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/09/04 12:0 a.m.685 views

AdminLTE PiHole 5.18 - Broken Access Control

Exploit Title: AdminLTE PiHole ' HTTP requests GET /admin/scripts/pi-hole/php/queryads.php?domain=' HTTP/1.1 HOST: pi.hole Cookie: ..SNIPPED.. ..SNIPPED.. HTTP Response HTTP/1.1 200 OK ..SNIPPED.. data: Match found in ..SNIPPED.. data: data: data:...

5.3CVSS5.5AI score0.40162EPSS
Exploits4
Vulnrichment
Vulnrichment
added 2022/12/22 11:17 p.m.5 views

CVE-2022-23513 Pi-Hole/AdminLTE vulnerable due to improper access control in queryads endpoint

Pi-Hole is a network-wide ad blocking via your own Linux hardware, AdminLTE is a Pi-hole Dashboard for stats and more. In case of an attack, the threat actor will obtain the ability to perform an unauthorized query for blocked domains on queryads endpoint. In the case of application, this...

5.3CVSS5.6AI score0.40162EPSS
Exploits4References3
CVE
CVE
added 2022/12/22 11:17 p.m.105 views

CVE-2022-23513

CVE-2022-23513 affects Pi-hole AdminLTE (Pi-hole Web Interface). The issue is an access-control vulnerability in the queryads endpoint exposed via root-path PHP script /admin/scripts/pi-hole/phpqueryads.php, where insufficient validation allows an attacker to perform unauthorized queries for bloc...

5.3CVSS5.2AI score0.40162EPSS
Exploits4References3Affected Software1
Rows per page
Query Builder