CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

RedhatCVE•added 2025/04/26 4:46 a.m.•8 views

CVE-2024-29643

An issue in croogo v.3.0.2 allows an attacker to perform Host header injection via the feed.rss component...

9.1CVSS7.1AI score0.00119EPSS

Exploits1References1

Github Security Blog•added 2025/04/21 3:31 p.m.•18 views

croogo Host header injection

An issue in croogo v.3.0.2 allows an attacker to perform Host header injection via the feed.rss component...

9.1CVSS7.1AI score0.00119EPSS

Exploits1References4Affected Software1

CVE•added 2025/04/18 12:0 a.m.•53 views

CVE-2024-29643

CVE-2024-29643 affects croogo v3.0.2 and is due to Host header injection in the feed.rss component. The vulnerability occurs when the feed.rss code passes the HTTP Host header content into a response element (e.g., a link) without proper filtering, enabling an attacker to influence redirect-like ...

9.1CVSS7.4AI score0.00119EPSS

Exploits1References1Affected Software1

Cvelist•added 2025/04/18 12:0 a.m.•8 views

CVE-2024-29643

An issue in croogo v.3.0.2 allows an attacker to perform Host header injection via the feed.rss component...

0.00119EPSS

Exploits1References1

Positive Technologies•added 2025/04/18 12:0 a.m.•3 views

PT-2025-17297 · Croogo · Croogo

Name of the Vulnerable Software and Affected Versions: croogo version 3.0.2 Description: The issue allows an attacker to perform Host header injection via the feed.rss component. Recommendations: For croogo version 3.0.2, consider disabling the feed.rss component until a patch is available...

9.1CVSS6.6AI score0.00119EPSS

Exploits1References8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by