28 matches found
PT-2026-23045
Name of the Vulnerable Software and Affected Versions: cpp-httplib versions prior to 0.35.0 Description: cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. When a request handler throws a C++ exception and a custom exception handler has not been registered using set...
CVE-2025-62524 PILOS Exposes PHP version
PILOS (Platform for Interactive Live-Online Seminars) is a frontend for BigBlueButton. PILOS before 4.8.0 exposes the PHP version via the X-Powered-By header, enabling attackers to fingerprint the server and assess potential exploits. This information disclosure vulnerability originates from PHP’s...
CVE-2025-52647
The BigFix WebUI application responds with HOST information from the HTTP header field making it vulnerable to Host Header Poisoning Attacks...
CVE-2025-52647
CVE-2025-52647 affects HCL BigFix WebUI and is described as a host header poisoning vulnerability where the application responds with HOST information from HTTP header fields. Connected sources consistently reference this issue in BigFix WebUI across multiple ecosystems (Red Hat, CNVD, NVD, CVE l...
EUVD-2024-23541
Malicious code in bioql PyPI...
PT-2023-5297 · Unknown · Modulys Gp
Name of the Vulnerable Software and Affected Versions: MODULYS GP MOD3GP-SY-120K affected versions not specified Description: The issue is related to weaknesses in the user management level of a web application, allowing an attacker to obtain necessary information from headers to create specially...
PT-2023-14171 · WordPress +1 · Wp Limit Login Attempts +1
Name of the Vulnerable Software and Affected Versions: WP Limit Login Attempts plugin versions prior to 2.7 Description: The issue allows bypassing IP-based restrictions on login forms by prioritizing certain HTTP headers over PHP's REMOTE_ADDR for getting a visitor's IP. Recommendations: For WP...
Information Disclosure
grafana is vulnerable to information disclosure. The vulnerability is due to the proxy endpoints leaking sensitive authentication tokens to some destination plugins which allows an attacker to gain access to HTTP header information...
Information Disclosure
guzzlehttp/guzzle is vulnerable to information disclosure. The vulnerability exists in several functions in RedirectMiddleware.php because the change in port is not considered a change in origin when sending requests with header files which allows an attacker to gain access to sensitive header...
How Does DMARC Prevent Phishing?
DMARC is a global standard for email authentication. It allows senders to verify that the email really comes from whom it claims to come from. This helps curb spam and phishing attacks, which are among the most prevalent cybercrimes of today. Gmail, Yahoo, and many other large email providers hav...
FinalRecon v1.1.0 - The Last Web Recon Tool You'll Need
FinalRecon is an automatic web reconnaissance tool written in Python. The goal of FinalRecon is to provide an overview of the target in a short amount of time while maintaining the accuracy of results. Instead of executing several tools one after another, it can provide similar results keeping...
HawkScan - Security Tool For Reconnaissance And Information Gathering On A Website
Security Tool for Reconnaissance and Information Gathering on a website. Python 2.x & 3.x This script uses "WafW00f" to detect the WAF in the first step https://github.com/EnableSecurity/wafw00f This script uses "Sublist3r" to scan subdomains https://github.com/aboul3la/Sublist3r This script uses...
FinalRecon - The Last Web Recon Tool You'll Need
FinalRecon is a fast and simple Python script for web reconnaissance. It follows a modular structure so that new modules can be added with ease in the future. Featured NullByte https://null-byte.wonderhowto.com/how-to/conduct-recon-web-target-with-python-tools-0198114/...
The vulnerability of the header::add_INFO_descriptor function in the VCF file handling package VCFtools allows an attacker to cause a service failure.
The vulnerability of the header::add_INFO_descriptor function in the VCF file handling library VCFtools is related to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor to cause service failure by using a specially created VCF file...
FinalRecon v1.0.2 - OSINT Tool For All-In-One Web Reconnaissance
FinalRecon is a fast and simple Python script for web reconnaissance. It follows a modular structure so that new modules can be added with ease in the future. Features FinalRecon provides detailed information such as: Header Information Whois SSL Certificate Information Crawler DNS Enumeration A, AAAA,...
Citrix Gateway 11.1 / 12.0 / 12.1 Information Disclosure Vulnerability
Exploit for multiple platform in category web applications Product: Citrix Gateway Manufacturer: Citrix Systems, Inc. Affected Versions: 11.1, 12.0, 12.1 Tested Versions: 11.1.63.15, 12.0.63.13, 12.1.55.18 Vulnerability Type: Information Exposure Through Caching CWE-512 Risk Level: Information...
FinalRecon - OSINT Tool For All-In-One Web Reconnaissance
FinalRecon is a fast and simple Python script for web reconnaissance. It follows a modular structure so that new modules can be added with ease in the future. Features FinalRecon provides detailed information such as: Header Information WHOIS SSL Certificate Details Found Flag in SSL Certificate -...
CVE-2016-7448
The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size...
Design/Logic Flaw
The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size...
DEBIAN-CVE-2016-7448
The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size...