18 matches found

Source: Vulnrichment (added 2026/05/13 8:44 p.m., 13 views)

CVE-2026-45055 CubeCart: Pre-Authenticated Password Reset Link Poisoning via HTTP Host Header

CubeCart is an ecommerce software solution. Prior to 6.7.2, CubeCart 6.6.x – 6.7.1 builds CC_STORE_URL directly from the Host request header at bootstrap, with no allowlist. The constant is embedded verbatim into transactional email links, most critically the password-reset link in...

CVSS 8.1 / AI score 5.9 / EPSS 0.00147
Exploits 0 / References 1
Source: CVE (added 2026/05/13 8:44 p.m., 13 views)

CVE-2026-45055

CubeCart pre-authenticated password reset link poisoning via HTTP Host header (affecting 6.6.x–6.7.1) allows an unauthenticated attacker to cause password-reset tokens to be sent to a victim with a malicious domain (evil.com). The application builds CC_STORE_URL from the Host header without an allowlist, embedding the ...

CVSS 8.1 / AI score 5.9 / EPSS 0.00147
Exploits 0 / References 1
Source: Vulnrichment (added 2026/05/04 5:42 a.m., 6 views)

CVE-2026-29199

phpBB before 3.3.16 is vulnerable to Host Header Injection that can lead to password reset link poisoning. When force_server_vars is disabled, the server's hostname may be extracted from the HTTP Host header, which is used to generate the password reset link URL. An attacker who can manipulate the Hos...

AI score 5.8 / EPSS 0.00249
Exploits 0 / References 1
Source: NVD (added 2026/03/26 7:17 p.m., 5 views)

CVE-2026-33149

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Versions up to and including 2.5.3 set ALLOWED_HOSTS = '' by default, which causes Django to accept any value in the HTTP Host header without validation. The application uses request.build_absolute_u...

CVSS 8.1 / EPSS 0.00304
Exploits 1 / References 1
Source: ATTACKERKB (added 2026/03/26 6:53 p.m., 3 views)

CVE-2026-33149

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Versions up to and including 2.5.3 set ALLOWED_HOSTS = '' by default, which causes Django to accept any value in the HTTP Host header without validation. The application uses request.build_absolute_u...

CVSS 8.1 / AI score 5.8 / EPSS 0.00304
Exploits 1 / References 2 / Affected Software 1
Source: Cvelist (added 2026/03/26 6:53 p.m., 26 views)

CVE-2026-33149 Tandoor Recipes Vulnerable to Host Header Injection

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Versions up to and including 2.5.3 set ALLOWED_HOSTS = '' by default, which causes Django to accept any value in the HTTP Host header without validation. The application uses request.build_absolute_u...

CVSS 8.1 / EPSS 0.00304
Exploits 1 / References 1
Source: CVE (added 2026/03/26 6:53 p.m., 10 views)

CVE-2026-33149

Tandoor Recipes

CVSS 8.1 / AI score 5.8 / EPSS 0.00304
Exploits 1 / References 1 / Affected Software 1
Source: EUVD (added 2026/03/26 6:53 p.m., 7 views)

EUVD-2026-16313

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Versions up to and including 2.5.3 set ALLOWED_HOSTS = '' by default, which causes Django to accept any value in the HTTP Host header without validation. The application uses request.build_absolute_u...

CVSS 8.1 / AI score 5.8 / EPSS 0.00304
Exploits 1 / References 1
Source: Vulnrichment (added 2026/03/26 6:53 p.m., 5 views)

CVE-2026-33149 Tandoor Recipes Vulnerable to Host Header Injection

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Versions up to and including 2.5.3 set ALLOWED_HOSTS = '' by default, which causes Django to accept any value in the HTTP Host header without validation. The application uses request.build_absolute_u...

CVSS 8.1 / AI score 5.9 / EPSS 0.00304
Exploits 1 / References 1
Source: OSV (added 2026/03/26 6:53 p.m., 7 views)

CVE-2026-33149 Tandoor Recipes Vulnerable to Host Header Injection

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Versions up to and including 2.5.3 set ALLOWED_HOSTS = '' by default, which causes Django to accept any value in the HTTP Host header without validation. The application uses request.build_absolute_u...

CVSS 8.1 / AI score 5.8 / EPSS 0.00304
Exploits 1 / References 3
Source: Positive Technologies (added 2026/03/26 12:00 a.m., 7 views)

PT-2026-28470

Name of the Vulnerable Software and Affected Versions: Tandoor Recipes versions up to and including 2.5.3. Description: Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Versions up to and including 2.5.3 set ALLOWED_HOSTS = '' by default, which...

CVSS 8.1 / AI score 5.9 / EPSS 0.00304
Exploits 1 / References 4
Source: CNNVD (added 2026/03/26 12:00 a.m., 8 views)

Tandoor Recipes security vulnerability

Tandoor Recipes is an open-source application designed for managing recipes, planning meals, creating shopping lists, and more. Versions of Tandoor Recipes 2.5.3 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the default setting ALLOWED_HOSTS = '', which could all...

CVSS 8.1 / AI score 5.8 / EPSS 0.00304
Exploits 1 / References 1
Source: RedhatCVE (added 2025/10/31 10:07 p.m., 5 views)

CVE-2024-14006

Nagios XI versions prior to 2024R1.2.2 contain a host header injection vulnerability. The application trusts the user-supplied HTTP Host header when constructing absolute URLs without sufficient validation. An unauthenticated, remote attacker can supply a crafted Host header to poison generated...

CVSS 8.8 / AI score 7.2 / EPSS 0.00433
Exploits 0 / References 1
Source: NVD (added 2025/10/30 10:15 p.m., 8 views)

CVE-2024-14006

Nagios XI versions prior to 2024R1.2.2 contain a host header injection vulnerability. The application trusts the user-supplied HTTP Host header when constructing absolute URLs without sufficient validation. An unauthenticated, remote attacker can supply a crafted Host header to poison generated...

CVSS 8.8 / EPSS 0.00433
Exploits 0 / References 3
Source: Github Security Blog (added 2025/10/20 8:08 p.m., 6 views)

Taguette password reset link poisoning

Impact: An issue has been discovered in Taguette versions prior to 1.5.0. It was possible for an attacker to request a password reset email containing a malicious link, allowing the attacker to set the email if clicked by the victim. Patches: Users should upgrade to Taguette 1.5.0. References: -...

CVSS 7.1 / AI score 7 / EPSS 0.00231
Exploits 0 / References 5 / Affected Software 1
Source: Cvelist (added 2025/10/20 8:03 p.m., 8 views)

CVE-2025-62527 Taguette vulnerable to password reset link poisoning

Taguette is an open source qualitative research tool. An issue has been discovered in Taguette versions prior to 1.5.0. It was possible for an attacker to request a password reset email containing a malicious link, allowing the attacker to set the email if clicked by the victim. This issue has been...

CVSS 7.1 / EPSS 0.00231
Exploits 0 / References 2
Source: OSV (added 2025/10/20 8:03 p.m., 5 views)

CVE-2025-62527 Taguette vulnerable to password reset link poisoning

Taguette is an open source qualitative research tool. An issue has been discovered in Taguette versions prior to 1.5.0. It was possible for an attacker to request a password reset email containing a malicious link, allowing the attacker to set the email if clicked by the victim. This issue has been...

CVSS 7.1 / AI score 6.9 / EPSS 0.00231
Exploits 0 / References 4
Source: Hacker One (added 2017/12/21 3:13 p.m., 12 views)

GSA Bounty: Link poisoning on https://secure.login.gov/ login page

This link leads to the genuine secure.login.gov login page, in French: https://secure.login.gov/fr?host=portswigger.net However, if you try to change the language to English using the bar at the bottom, you'll end up on an external website of my choice. As users won't expect changing their language t...

AI score 1.1
Exploits 0