Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.8 views

CVE-2026-36758

A Server-Side Request Forgery SSRF in the /themes/-/install-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

4.3CVSS5.5AI score0.00168EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.10 views

CVE-2026-36756

A Server-Side Request Forgery SSRF in the /plugins/-/install-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

5.4CVSS5.5AI score0.00143EPSS
Exploits0References1
NVD
NVD
added 2026/04/30 4:16 p.m.5 views

CVE-2026-36756

A Server-Side Request Forgery SSRF in the /plugins/-/install-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

5.4CVSS0.00143EPSS
Exploits0References2
NVD
NVD
added 2026/04/30 4:16 p.m.3 views

CVE-2026-36758

A Server-Side Request Forgery SSRF in the /themes/-/install-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

4.3CVSS0.00168EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.7 views

PT-2026-36118

A Server-Side Request Forgery SSRF in the /themes/-/install-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

4.3CVSS5.2AI score0.00168EPSS
Exploits0References3
CVE
CVE
added 2026/04/30 12:0 a.m.12 views

CVE-2026-36756

CVE-2026-36756 describes a Server-Side Request Forgery (SSRF) in halo v2.22.14. The authenticated attacker can trigger the vulnerability via a crafted GET request to the endpoint /plugins/-/install-from-uri , enabling internal resource scanning. The NVD entry provides a CVSS v3.1 base score of 5....

5.4CVSS5.2AI score0.00143EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/30 12:0 a.m.5 views

CVE-2026-36756

A Server-Side Request Forgery SSRF in the /plugins/-/install-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

5.2AI score0.00143EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.8 views

Halo 代码问题漏洞

Halo is a powerful and easy-to-use open-source website building tool developed by Halo. Version 2.22.14 of Halo has a code vulnerability. This vulnerability stems from the /themes/-/install-from-uri endpoints, where server-side request forgery exists. This could allow authenticated attackers to...

4.3CVSS5.9AI score0.00168EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/30 12:0 a.m.4 views

CVE-2026-36758

A Server-Side Request Forgery SSRF in the /themes/-/install-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

5.2AI score0.00168EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/30 12:0 a.m.5 views

CVE-2026-36756

A Server-Side Request Forgery SSRF in the /plugins/-/install-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

5.2AI score0.00143EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.7 views

PT-2026-36117

A Server-Side Request Forgery SSRF in the /plugins/-/install-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

5.4CVSS5.2AI score0.00143EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/30 12:0 a.m.27 views

CVE-2026-36758

A Server-Side Request Forgery SSRF in the /themes/-/install-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

0.00168EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/30 12:0 a.m.32 views

CVE-2026-36756

A Server-Side Request Forgery SSRF in the /plugins/-/install-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

0.00143EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/30 12:0 a.m.2 views

CVE-2026-36758

A Server-Side Request Forgery SSRF in the /themes/-/install-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

5.2AI score0.00168EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/30 12:0 a.m.7 views

EUVD-2026-26383

A Server-Side Request Forgery SSRF in the /plugins/-/install-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

5.4CVSS5.2AI score0.00143EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/30 12:0 a.m.11 views

EUVD-2026-26384

A Server-Side Request Forgery SSRF in the /themes/-/install-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

4.3CVSS5.2AI score0.00168EPSS
Exploits0References2
Rows per page
Query Builder