3 matches found
CVE-2024-46452
A Host Header injection vulnerability in the password reset function of VigyBag Open Source Online Shop commit 3f0e21b allows attackers to redirect victim users to a malicious site via a crafted URL...
CVE-2024-38485
CVE-2024-38485 concerns Dell ECS before version 3.8.0, with a Host Header Injection vulnerability. A remote, low-privilege attacker could trigger redirections that may lead to disclosure of sensitive information. Public documents from NVD, CVE listings, and PT-2024-9646 describe the affected soft...
CVE-2024-30129 HCL Nomad server on Domino is affected by a host header injection vulnerability
The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would cause the request to be sent to a completely different domain/IP address...