Lucene search
+L

390 matches found

Friends Of PHP
Friends Of PHP
added 2014/09/03 7:37 a.m.28 views

Denial of service with a malicious HTTP Host header

More info at https://symfony.com/cve-2014-5244...

7.2AI score0.01663EPSS
Exploits0Affected Software1
Exploit DB
Exploit DB
added 2014/08/26 12:0 a.m.27 views

ntopng 1.2.0 - Cross-Site Scripting Injection

ntopng 1.2.0 XSS injection using monitored network traffic ntopng is the next generation version of the original ntop, a network traffic probe and monitor that shows the network usage, similar to what the popular top Unix command does. The web-based frontend of the software is vulnerable to...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2014/08/25 12:0 a.m.155 views

ntopng 1.2.0 Cross Site Scripting

ntopng 1.2.0 XSS injection using monitored network traffic ntopng is the next generation version of the original ntop, a network traffic probe and monitor that shows the network usage, similar to what the popular top Unix command does. The web-based frontend of the software is vulnerable to...

4.3CVSS0.1AI score0.04454EPSS
Exploits2
NVD
NVD
added 2014/07/22 2:55 p.m.18 views

CVE-2014-5019

The multisite feature in Drupal 6.x before 6.32 and 7.x before 7.29 allows remote attackers to cause a denial of service via a crafted HTTP Host header, related to determining which configuration file to use...

5CVSS6.3AI score0.02772EPSS
Exploits0References2
Prion
Prion
added 2014/07/22 2:55 p.m.23 views

Design/Logic Flaw

The multisite feature in Drupal 6.x before 6.32 and 7.x before 7.29 allows remote attackers to cause a denial of service via a crafted HTTP Host header, related to determining which configuration file to use...

5CVSS6.9AI score0.02772EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2014/07/22 2:55 p.m.35 views

CVE-2014-5019

The multisite feature in Drupal 6.x before 6.32 and 7.x before 7.29 allows remote attackers to cause a denial of service via a crafted HTTP Host header, related to determining which configuration file to use...

5CVSS6.4AI score0.02772EPSS
Exploits0References3
CVE
CVE
added 2014/07/22 2:0 p.m.129 views

CVE-2014-5019

CVE-2014-5019 affects Drupal 6.x before 6.32 and 7.x before 7.29, where the multisite feature can be abused by a crafted HTTP Host header to cause a denial of service (DoS) by impacting configuration file selection. The connected advisories confirm the issue and indicate fixes were released as Dr...

5CVSS5.9AI score0.02772EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2014/07/22 2:0 p.m.49 views

CVE-2014-5019

Removed by vendor...

5CVSS6.2AI score0.02772EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/07/21 12:0 a.m.41 views

Drupal 6.x < 6.32 / 7.x < 7.29 Multiple Vulnerabilities

The remote web server is running a version of Drupal that is 6.x prior to 6.32 or 7.x prior to 7.29. It is, therefore, potentially affected by the following vulnerabilities : - The HTTP Host header, which determines the configuration file used by Drupal core's multisite feature, does not properly...

5CVSS6.1AI score0.02772EPSS
Exploits0References7
Drupal
Drupal
added 2014/07/16 12:0 a.m.665 views

SA-CORE-2014-003 - Drupal core - Multiple vulnerabilities

Multiple vulnerabilities were fixed in the supported Drupal core versions 6 and 7. Denial of service with malicious HTTP Host header Base system - Drupal 6 and 7 - Critical Drupal core's multisite feature dynamically determines which configuration file to use based on the HTTP Host header. The HT...

5CVSS6.8AI score0.02772EPSS
Exploits0References22
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

Novell eDirectory NDS Server Host Header Overflow

No description provided by source. $Id: edirectoryhost.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

7.1AI score
Exploits0
NVD
NVD
added 2014/06/03 2:55 p.m.30 views

CVE-2014-3941

TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allows remote attackers to have unspecified impact via a crafted HTTP Host header, related to "Host Spoofing."...

5CVSS5.4AI score0.02662EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2014/06/03 2:55 p.m.32 views

CVE-2014-3941

TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allows remote attackers to have unspecified impact via a crafted HTTP Host header, related to "Host Spoofing."...

5CVSS6.1AI score0.02662EPSS
Exploits0References4
Cvelist
Cvelist
added 2014/06/03 2:0 p.m.34 views

CVE-2014-3941

TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allows remote attackers to have unspecified impact via a crafted HTTP Host header, related to "Host Spoofing."...

5.3AI score0.02662EPSS
Exploits0References6
Check Point Advisories
Check Point Advisories
added 2013/10/13 12:0 a.m.10 views

Squid HTTP Host Header Port Handling Denial of Service (CVE-2013-4123)

A denial-of-service vulnerability exists in Squid proxy...

6.3AI score0.80451EPSS
Exploits0
NVD
NVD
added 2013/09/16 7:14 p.m.27 views

CVE-2013-4123

clientsiderequest.cc in Squid 3.2.x before 3.2.13 and 3.3.x before 3.3.8 allows remote attackers to cause a denial of service via a crafted port number in a HTTP Host header...

5CVSS6.3AI score0.80451EPSS
Exploits0References6
CVE
CVE
added 2013/09/16 7:0 p.m.194 views

CVE-2013-4123

CVE-2013-4123 affects Squid: client_side_request.cc in Squid 3.2.x before 3.2.13 and 3.3.x before 3.3.8 allows remote denial of service via a crafted port number in a HTTP Host header. Connected advisories reference patches and updates across multiple distros (openSUSE, Fedora, Solaris patch upda...

5CVSS6.3AI score0.80451EPSS
Exploits0References6Affected Software1
RedHat Linux
RedHat Linux
added 2013/03/21 6:11 p.m.41 views

Moderate: Red Hat Security Advisory: Django security update

Updated Django packages that fix multiple security issues are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

5CVSS7.4AI score0.04863EPSS
Exploits2References7
OSV
OSV
added 2013/02/27 12:0 a.m.36 views

DSA-2634-1 python-django - several vulnerabilities

Bulletin has no description...

6.4CVSS9.5AI score0.04593EPSS
Exploits2
FreeBSD
FreeBSD
added 2012/10/17 12:0 a.m.31 views

django -- multiple vulnerabilities

The Django Project reports: Host header poisoning Some parts of Django -- independent of end-user-written applications -- make use of full URLs, including domain name, which are generated from the HTTP Host header. Some attacks against this are beyond Django's ability to control, and require the...

6.4CVSS5.9AI score0.03635EPSS
Exploits1References1
Rows per page
Query Builder