484 matches found
GHSA-HC74-9VJM-C9XV Apache Superset Open Redirect vulnerability
An authenticated attacker with update datasets permission could change a dataset link to an untrusted site by spoofing the HTTP Host header, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset versions before 3.0.0...
Apache Superset Open Redirect vulnerability
An authenticated attacker with update datasets permission could change a dataset link to an untrusted site by spoofing the HTTP Host header, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset versions before 3.0.0...
CVE-2023-42502
An authenticated attacker with update datasets permission could change a dataset link to an untrusted site by spoofing the HTTP Host header, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset versions before 3.0.0...
CVE-2023-42502 Apache Superset: Open Redirect Vulnerability
An authenticated attacker with update datasets permission could change a dataset link to an untrusted site by spoofing the HTTP Host header, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset versions before 3.0.0...
CVE-2023-36950
TOTOLINK X5000R V9.1.0u.6118B20201102 and TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a stack overflow via the httphost parameter in the function loginAuth...
CVE-2023-36340
TOTOLINK NR1800X V9.1.0u.6279B20210910 was discovered to contain a stack overflow via the httphost parameter in the function loginAuth...
TOTOLINK X5000R和TOTOLINK A7000R 缓冲区错误漏洞
TOTOLINK X5000R is a router.TOTOLINK A7000R is a wireless router. A buffer overflow vulnerability exists in the TOTOLINK X5000R and A7000R. The vulnerability stems from the failure of the httphost parameter in the loginAuth function to correctly validate the length and size of the input data, whi...
TOTOLINK NR1800X Buffer Error Vulnerability
TOTOLINK NR1800X is an outstanding 5G NR indoor Wi-Fi and SIP CPE from China's Gion Electronics TOTOLINK.Designed to provide fast and easy deployment of NR Fixed Data Services for homes and offices. A security vulnerability exists in TOTOLINK NR1800X version V9.1.0u.6279B20210910 and prior...
LDAP Tool Box Self Service Password v1.5.2 - Account takeover Vulnerability
Exploit Title: LDAP Tool Box Self Service Password v1.5.2 - Account takeover Exploit Author: Tahar BENNACEF aka tar.gz Software Link: https://github.com/ltb-project/self-service-password Version: 1.5.2 Tested on: Ubuntu Self Service Password is a PHP application that allows users to change their...
LDAP Tool Box Self Service Password 1.5.2 Account Takeover
Exploit Title: LDAP Tool Box Self Service Password v1.5.2 - Account takeover Date: 02/17/2023 Exploit Author: Tahar BENNACEF aka tar.gz Software Link: https://github.com/ltb-project/self-service-password Version: 1.5.2 Tested on: Ubuntu Self Service Password is a PHP application that allows users...
LDAP Tool Box Self Service Password v1.5.2 - Account takeover
Exploit Title: LDAP Tool Box Self Service Password v1.5.2 - Account takeover Date: 02/17/2023 Exploit Author: Tahar BENNACEF aka tar.gz Software Link: https://github.com/ltb-project/self-service-password Version: 1.5.2 Tested on: Ubuntu Self Service Password is a PHP application that allows users...
Design/Logic Flaw
In Eclipse BIRT, starting from version 2.6.2, the default configuration allowed to retrieve a report from the same host using an absolute HTTP path for the report parameter e.g. report=http://xyz.com/report.rptdesign. If the host indicated in the report parameter matched the HTTP Host header valu...
SUSE CVE-2005-3665
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.7.0 allow remote attackers to inject arbitrary web script or HTML via the 1 HTTPHOST variable and 2 various scripts in the libraries directory that handle header generation...
SUSE CVE-2009-2059
Opera, possibly before 9.25, uses the HTTP Host header to determine the context of a document provided in a 1 4xx or 2 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying this CONNECT response, aka an "SSL tampering" atta...
CVE-2022-40624
pfSense pfBlockerNG through 2.1.427 allows remote attackers to execute arbitrary OS commands as root via the HTTP Host header, a different vulnerability than CVE-2022-31814...
CVE-2022-40624
pfSense pfBlockerNG through 2.1.427 allows remote attackers to execute arbitrary OS commands as root via the HTTP Host header, a different vulnerability than CVE-2022-31814...
Design/Logic Flaw
pfSense pfBlockerNG through 2.1.427 allows remote attackers to execute arbitrary OS commands as root via the HTTP Host header, a different vulnerability than CVE-2022-31814...
CVE-2022-40624
pfSense pfBlockerNG through 2.1.427 allows remote attackers to execute arbitrary OS commands as root via the HTTP Host header, a different vulnerability than CVE-2022-31814...
CVE-2022-40624
pfSense pfBlockerNG through 2.1.427 allows remote attackers to execute arbitrary OS commands as root via the HTTP Host header, a different vulnerability than CVE-2022-31814...
CVE-2019-18265
Digital Alert Systems’ DASDEC software prior to version 4.1 contains a cross-site scripting XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the SSH username, username field of the login page, or via the HTTP host header. The injected content is stored in...