22 matches found

Vulnrichment · added 2026/06/01 3:15 p.m. · 11 views

CVE-2026-10269 decolua 9router HTTP Header dashboardGuard.js isAuthenticated improper authorization

A security vulnerability has been detected in decolua 9router up to 0.4.0. This issue affects the function isAuthenticated of the file src/dashboardGuard.js of the component HTTP Header Handler. The manipulation of the argument Host leads to improper authorization. The attack is possible to be...

CVSS 6.5 · AI score 6.2 · EPSS 0.00276
Exploits 0 · References 8
CNNVD · added 2026/05/26 12:00 a.m. · 11 views

e107 security vulnerability

e107 is a set of open-source, free content management systems CMS developed by the E107 team. It is built using PHP and MySQL. This system supports various plugins and theme options, making it suitable for use as a personal blog, discussion community, or archive database. Versions of e107 prior t...

CVSS 8.1 · AI score 5.8 · EPSS 0.00297
Exploits 0 · References 4
Vulnrichment · added 2026/05/14 2:24 p.m. · 10 views

CVE-2026-42559 RMCP: DNS rebinding vulnerability in rmcp Streamable HTTP server transport

RMCP is an official Rust SDK for the Model Context Protocol. Prior to version 1.4.0, the rmcp crate's Streamable HTTP server transport crates/rmcp/src/transport/streamablehttpserver/ did not validate the incoming Host header. This allowed a malicious public website, via a DNS rebinding attack, to...

CVSS 8.8 · AI score 5.8 · EPSS 0.00213
Exploits 0 · References 5
EUVD · added 2026/05/13 8:44 p.m. · 8 views

EUVD-2026-30172

CubeCart is an ecommerce software solution. Prior to 6.7.2, CubeCart 6.6.x – 6.7.1 builds CCSTOREURL directly from the Host request header at bootstrap, with no allowlist. The constant is embedded verbatim into transactional email links, most critically the password-reset link in...

CVSS 8.1 · AI score 5.9 · EPSS 0.00147
Exploits 0 · References 1
OSV · added 2026/05/03 9:57 a.m. · 8 views

OESA-2026-2192 python-aiohttp security update

Async HTTP client/server framework (asyncio). Security fixes: insufficient restrictions in header/trailer handling could cause uncapped memory usage (CVE-2026-22815). An unbounded DNS cache could result in excessive memory usage, possibly resulting in a DoS situation (CVE-2026-34513). An attacker who...

CVSS 9.1 · AI score 5.7 · EPSS 0.00461
Exploits 0 · References 10
NVD · added 2026/03/26 7:17 p.m. · 5 views

CVE-2026-33149

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Versions up to and including 2.5.3 set ALLOWED_HOSTS = '' by default, which causes Django to accept any value in the HTTP Host header without validation. The application uses request.build_absolute_u...

CVSS 8.1 · EPSS 0.00304
Exploits 1 · References 1
ATTACKERKB · added 2026/03/18 5:47 p.m. · 3 views

CVE-2026-32632

Glances is an open-source system cross-platform monitoring tool. Glances recently added DNS rebinding protection for the MCP endpoint, but prior to version 4.5.2, the main REST/WebUI FastAPI application still accepts arbitrary Host headers and does not apply TrustedHostMiddleware or an equivalent...

CVSS 5.9 · AI score 5.8 · EPSS 0.0016
Exploits 1 · References 4 · Affected software 1
RedhatCVE · added 2026/03/07 7:59 a.m. · 5 views

CVE-2026-28681

Internet Routing Registry daemon version 4 is an IRR database server, processing IRR objects in the RPSL format. From version 4.4.0 to before version 4.4.5 and from version 4.5.0 to before version 4.5.1, an attacker can manipulate the HTTP Host header on a password reset or account creation...

CVSS 8.1 · AI score 5.7 · EPSS 0.00427
Exploits 0 · References 1
NVD · added 2026/02/25 6:23 p.m. · 11 views

CVE-2026-27739

Angular SSR is a server-side rendering tool for Angular applications. Versions prior to 21.2.0-rc.1, 21.1.5, 20.3.17, and 19.2.21 have a Server-Side Request Forgery (SSRF) vulnerability in the Angular SSR request handling pipeline. The vulnerability exists because Angular’s internal URL...

CVSS 9.2 · EPSS 0.00497
Exploits 1 · References 4
CVE · added 2026/02/25 4:47 p.m. · 85 views

CVE-2026-27739

CVE-2026-27739 affects Angular SSR, with an SSRF vulnerability in the request handling pipeline. Versions prior to 21.2.0-rc.1, 21.1.5, 20.3.17, and 19.2.21 allow unvalidated Host and X-Forwarded-* headers to influence base-origin URL construction, enabling arbitrary internal request steering via...

CVSS 9.2 · AI score 5.8 · EPSS 0.00497
Exploits 1 · References 4
NVD · added 2025/12/04 10:15 p.m. · 6 views

CVE-2025-66509

LaraDashboard is an all-in-one solution to start a Laravel application. In 2.3.0 and earlier, the password reset flow trusts the Host header, allowing attackers to redirect the administrator’s reset token to an attacker-controlled server. This can be combined with the module installation process ...

CVSS 9.8 · EPSS 0.00345
Exploits 0 · References 2
OSV · added 2025/12/04 10:10 p.m. · 3 views

CVE-2025-66509 LaraDashboard: 1-Click Pre-Auth RCE via Host Header + Module Installation Chain

LaraDashboard is an all-in-one solution to start a Laravel application. In 2.3.0 and earlier, the password reset flow trusts the Host header, allowing attackers to redirect the administrator’s reset token to an attacker-controlled server. This can be combined with the module installation process ...

CVSS 9.3 · AI score 7.8 · EPSS 0.00345
Exploits 0 · References 4
EUVD · added 2025/11/20 4:50 p.m. · 11 views

EUVD-2025-198296

ClipBucket v5 is an open source video sharing platform. In ClipBucket version 5.5.2, a change to network.class.php causes the application to dynamically build the server URL from the incoming HTTP Host header when the configuration baseurl is not set. Because Host is a client-controlled header, a...

CVSS 6.8 · AI score 6.8 · EPSS 0.00308
Exploits 1 · References 2
Packet Storm · added 2025/07/10 12:00 a.m. · 137 views

Schneider Electric EcoStruxure IT Data Center Expert 8.3 Server-Side Request Forgery

Schneider Electric EcoStruxure IT Data Center Expert versions 8.3 and below insecurely forward HTTP requests based on user-controlled values, enabling an unauthenticated user to coerce the web application into sending data to arbitrary locations, such as the SMTP service listening on localhost...

CVSS 6.3 · AI score 7.6 · EPSS 0.00463
Exploits 2
OSV · added 2023/07/11 8:15 p.m. · 5 views

AZL-37418 CVE-2023-29406 affecting package golang for versions less than 1.21.6-1

The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value...

CVSS 6.5 · AI score 6.7 · EPSS 0.0125
Exploits 0 · References 1
Positive Technologies · added 2022/02/24 12:00 a.m. · 1 views

PT-2022-17234 · Ec Cube · Ec-Cube

Name of the vulnerable software and affected versions: EC-CUBE versions 3.0.0 through 3.0.18-p3; EC-CUBE versions 4.0.0 through 4.1.1. Description: the issue arises from improper handling of HTTP Host header values, allowing a remote unauthenticated attacker to manipulate the vulnerable version of...

CVSS 5.3 · AI score 5.3 · EPSS 0.01138
Exploits 0 · References 7
CNNVD · added 2022/02/14 12:00 a.m. · 4 views

Compass Plus e-Commerce Payment Gateway security vulnerability

Compass Plus e-Commerce Payment Gateway is an application interface of the Russian company Compass Plus. It provides an API interface for payment functions. A security vulnerability exists in Compass Plus TranzWare Online FIMI Web Interface Tranzware Online TWO 5.3.33.3 F38 and FIMI 4.2.19.4 25,...

CVSS 6.1 · AI score 6.3 · EPSS 0.00672
Exploits 1 · References 2
RedHat Linux · added 2020/10/19 6:08 p.m. · 1 views

python: CRLF injection via the host part of the url passed to urlopen()

A CRLF injection flaw was discovered in python in the way URLs are handled when doing an HTTP/HTTPS connection e.g. through urlopen or HTTPConnection. An attacker who can control the url parameter passed to urlopen method in the urllib/urllib2 modules can inject CRLF sequences and HTTP headers by...

CVSS 6.1 · AI score 6.9 · EPSS 0.03513
Exploits 0 · References 4
OSV · added 2019/09/20 7:15 p.m. · 3 views

CVE-2019-16645

An issue was discovered in Embedthis GoAhead 2.5.0. Certain pages such as goform/login and config/logoffpage.htm create links containing a hostname obtained from an arbitrary HTTP Host header sent by an attacker. This could potentially be used in a phishing attack...

CVSS 8.6 · AI score 7.2 · EPSS 0.08183
Exploits 3 · References 2
CNVD · added 2018/11/06 12:00 a.m. · 3 views

Unspecified Vulnerability in Green Electronics RainMachine Mini-8 and Touch HD 12 Web Applications (CNVD-2019-28247)

Green Electronics RainMachine Mini-8 and Touch HD 12 Web Application are both products of the American company Green Electronics. RainMachine Mini-8 is a smart irrigation sprinkler controller. Touch HD 12 Web Application is a web-based touch screen application. A security vulnerability exists in the...

CVSS 9.8 · AI score 6.8 · EPSS 0.01598
Exploits 1 · References 1