89 matches found
Design/Logic Flaw
A host header attack vulnerability exists in FUEL CMS 1.5.0 through fuel/modules/fuel/config/fuelconstants.php and fuel/modules/fuel/libraries/Asset.php. An attacker can use a man in the middle attack such as phishing...
CVE-2021-38290
CVE-2021-38290 affects FUEL CMS 1.5.0, with the issue localized to fuel/modules/fuel/config/fuel_constants.php and fuel/modules/fuel/libraries/Asset.php. The vulnerability is described as a host header attack that could enable man-in-the-middle-style abuse (e.g., phishing). The Connected document...
Vmware vRealize Automation 授权问题漏洞
Vmware vRealize Automation is a management tool that provides self-service, supervised multi-cloud automation from Vmware, Inc. An authorization issue vulnerability exists in Vmware vRealize Automation version 7.6, which stems from the software not adequately validating user-supplied input in the...
CVE-2021-22903
A flaw was found in rubygem-actionpack. Specially crafted Host headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website. The highest threat from this vulnerability is to data integrity...
Unnamed Vulnerability in October CMS
October CMS is an open source content management system CMS based on PHP and Laravel web application framework. October before version 1.1.2 suffers from a security vulnerability that stems from a host header attack that may succeed when running on a misconfigured server. No detailed vulnerabilit...
PT-2021-2473
Name of the Vulnerable Software and Affected Versions Accellion FTA versions 9 12 370 and earlier Description The issue is related to a lack of protection against SQL query structure exploitation. This can be exploited by a remote attacker to execute arbitrary SQL code and gain unauthorized acces...
rabbitmq-server: "X-Reason" HTTP Header can be leveraged to insert a malicious string leading to DoS
A resource-consumption flaw was identified in the rabbitmq-server web management plugin. Utilizing a malicious 'X-Reason' HTTP header, a remote attacker could insert a malicious Erlang format string which will expand and consume heap memory, resulting in a crash. The highest threat from this...
CVE-2019-5990
Access analysis CGI An-Analyzer released in 2019 June 24 and earlier allow remote attackers to obtain a login password via HTTP referer...
The vulnerability of the FortiOS operating system arises from insufficient protection of the web page structure, allowing attackers to inject arbitrary JavaScript or HTML code.
The vulnerability of the FortiOS operating system arises from insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary JavaScript or HTML code using a specially crafted HTTP request header named “Host”...
CVE-2018-7068
HPE has identified a remote HOST header attack vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version...
CVE-2018-7068
HPE has identified a remote HOST header attack vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version...
CVE-2018-7068
HPE has identified a remote HOST header attack vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent version...
CVE-2018-11714
An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of...
Improper access control
cmsmadesimple version 2.2.7 contains a Incorrect Access Control vulnerability in the function of sendrecoveryemail in the line "$url = $config'adminurl' . '/login.php?recoverme=' . $code;" that can result in Administrator Password Reset Poisoning, specifically a reset URL pointing at an attacker...
CVE-2018-1000158
cmsmadesimple version 2.2.7 contains a Incorrect Access Control vulnerability in the function of sendrecoveryemail in the line "$url = $config'adminurl' . '/login.php?recoverme=' . $code;" that can result in Administrator Password Reset Poisoning, specifically a reset URL pointing at an attacker...
CVE-2018-1000158
cmsmadesimple version 2.2.7 contains a Incorrect Access Control vulnerability in the function of sendrecoveryemail in the line "$url = $config'adminurl' . '/login.php?recoverme=' . $code;" that can result in Administrator Password Reset Poisoning, specifically a reset URL pointing at an attacker...
CVE-2018-1000158
cmsmadesimple version 2.2.7 contains a Incorrect Access Control vulnerability in the function of sendrecoveryemail in the line "$url = $config'adminurl' . '/login.php?recoverme=' . $code;" that can result in Administrator Password Reset Poisoning, specifically a reset URL pointing at an attacker...
CVE-2018-1000158
CMS Made Simple 2.2.7 has an Incorrect Access Control vulnerability in send_recovery_email that can create a reset URL pointing to an attacker-controlled server via a host header attack, enabling Administrator Password Reset Poisoning. Affected: cmsmadesimple 2.2.7. No explicit mitigations or pat...
CVE-2016-6285
Cross-site scripting XSS vulnerability in includes/decorators/global-translations.jsp in Atlassian JIRA before 7.2.2 allows remote attackers to inject arbitrary web script or HTML via the HTTP Host header...
Boozt Fashion AB: Email link poisoning / Host header attack
Description ------------- It is possible to poison the link of the password reset email. This is generally done by altering the Host header, but in this case, the WAF is successfully blocking it. The trick here is to add an X-Forwarded-Host header in the request so the server is using this value...