7 matches found
EUVD-2016-8752
Malware in sbrugna...
EUVD-2024-1586
Malicious code in bioql PyPI...
CVE-2022-31814
pfSense pfBlockerNG through 2.1.426 allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the HTTP Host header. NOTE: 3.x is unaffected...
CVE-2013-5697
SQL injection vulnerability in modaccounting.c in the modaccounting module 0.5 and earlier for Apache allows remote attackers to execute arbitrary SQL commands via a Host header...
CVE-2024-13553
CVE-2024-13553 affects the WordPress plugin SMS Alert Order Notifications – WooCommerce. The vulnerability arises because the plugin uses the Host header to detect a “playground” environment, enabling unauthenticated attackers to spoof the Host header and cause the OTP code to be “1234”, leading...
PT-2024-9208 · Apache +1 · Apache Traffic Server +1
Name of the Vulnerable Software and Affected Versions: Apache Traffic Server versions 9.2.0 through 9.2.5. Description: The issue is related to insufficient input validation when handling the Host header field, which can cause Apache Traffic Server to crash on some platforms. This can be exploited...
thttpd Host Header Traversal Arbitrary File Access
The remote HTTP server allows anyone to browse the files on the remote host by sending HTTP requests with a Host: field set to '../../'. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(11576); script_version("1.18"); script_cve_id("CVE-2002-1562", "CVE-2003-0899");...