42 matches found
CVE-2025-5184
A vulnerability was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1. It has been classified as problematic. Affected is an unknown function of the component HTTP Response Header Handler. The manipulation leads to information disclosure. It is possible to launch the...
CVE-2025-5183 Summer Pearl Group Vacation Rental Management Platform Header redirect
A vulnerability was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1 and classified as problematic. This issue affects some unknown processing of the component Header Handler. The manipulation of the argument Host leads to open redirect. The attack may be initiated...
CVE-2025-5183
Summary: Summer Pearl Group Vacation Rental Management Platform (up to v1.0.1) has an open redirect caused by manipulation of the Host argument in the Header Handler. This may enable remote abuse to redirect users to arbitrary URLs. Exploit details are not provided in the connected documents. Rem...
CVE-2023-4965
A vulnerability was found in phpipam 1.5.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Header Handler. The manipulation of the argument X-Forwarded-Host leads to open redirect. The attack may be launched remotely. The exploit has been...
D-Link DAP-1562 安全漏洞
The D-Link DAP-1562 is a wireless bridge from China's AUO D-Link. A security vulnerability exists in the D-Link DAP-1562 version 1.10, which stems from a stack buffer overflow in the HTTP Header Handler, which could lead to a remote attack. An attacker can exploit the vulnerability to execute...
PT-2025-4006 · Telstra · Telstra Smart Modem Gen 2
Name of the Vulnerable Software and Affected Versions: Telstra Smart Modem Gen 2 up to 20250115 Description: A problematic issue was found in the HTTP Header Handler component. The manipulation of the Content-Disposition argument leads to injection. This issue can be initiated remotely. The vendo...
H2O 安全漏洞
H2O is an in-memory platform for distributed, scalable machine learning open-sourced by H2O.ai. A security vulnerability exists in H2O that stems from a configuration directive provided by the header handler that allows a user to modify the response header sent by h2o, potentially causing the...
CVE-2023-4965
A vulnerability was found in phpipam 1.5.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Header Handler. The manipulation of the argument X-Forwarded-Host leads to open redirect. The attack may be launched remotely. The exploit has been...
Open redirect
A vulnerability was found in phpipam 1.5.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Header Handler. The manipulation of the argument X-Forwarded-Host leads to open redirect. The attack may be launched remotely. The exploit has been...
CVE-2023-4965 phpipam Header redirect
A vulnerability was found in phpipam 1.5.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Header Handler. The manipulation of the argument X-Forwarded-Host leads to open redirect. The attack may be launched remotely. The exploit has been...
CVE-2023-4965 phpipam Header redirect
A vulnerability was found in phpipam 1.5.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Header Handler. The manipulation of the argument X-Forwarded-Host leads to open redirect. The attack may be launched remotely. The exploit has been...
PT-2023-31278 · Phpipam · Phpipam
Name of the Vulnerable Software and Affected Versions: phpipam version 1.5.1 Description: A vulnerability was found in the component Header Handler of phpipam. The manipulation of the argument X-Forwarded-Host leads to open redirect. This issue can be exploited remotely. Recommendations: For...
TurboGears 注入漏洞
TurboGears is an open source web development framework from OnShift. TurboGears version 1.0.11.10 suffers from an injection vulnerability that stems from a problem in the unknown section of the file turbogears/controllers.py in the component HTTP Header Handler, which can lead to a split http...
PT-2022-25580 · Top Infosoft · Top Infosoft Visitor Details Plugin
Name of the Vulnerable Software and Affected Versions: Top Infosoft Visitor Details Plugin affected versions not specified Description: A vulnerability was found in the HTTP Header Handler component of the Top Infosoft Visitor Details Plugin, which can be exploited remotely. The issue is related ...
PT-2022-25537 · WordPress · Ip Location Block Plugin
Name of the Vulnerable Software and Affected Versions: IP Location Block Plugin affected versions not specified Description: A vulnerability was found in the IP Location Block Plugin, affecting an unknown functionality of the component HTTP Header Handler. The manipulation of the X-Forwarded-For...
Design/Logic Flaw
A vulnerability was found in Simple History Plugin. It has been rated as critical. This issue affects some unknown processing of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. The attack may be initiated remotely. T...
CVE-2022-4011
CVE-2022-4011 affects the WordPress Simple History Plugin, specifically the Header Handler. The issue arises from manipulation of the X-Forwarded-For argument, causing improper output neutralization in logs. The vulnerability is exploitable remotely and has been disclosed publicly. Several connec...
CVE-2022-4006
A vulnerability, which was classified as problematic, has been found in WBCE CMS. Affected by this issue is the function increaseattempts of the file wbce/framework/class.login.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to improper restriction of...
CVE-2022-4006
A vulnerability, which was classified as problematic, has been found in WBCE CMS. Affected by this issue is the function increaseattempts of the file wbce/framework/class.login.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to improper restriction of...
Design/Logic Flaw
A vulnerability, which was classified as problematic, has been found in WBCE CMS. Affected by this issue is the function increaseattempts of the file wbce/framework/class.login.php of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to improper restriction of...