3 matches found
Code injection
Pi-Hole is a network-wide ad blocking via your own Linux hardware, AdminLTE is a Pi-hole Dashboard for stats and more. In case of an attack, the threat actor will obtain the ability to perform an unauthorized query for blocked domains on queryads endpoint. In the case of application, this...
Pi-hole cross-site scripting vulnerability (CNVD-2021-30595)
Pi-hole is a multi-platform, network-wide ad-blocking tool. A stored cross-site scripting vulnerability exists in Pi-hole 5.4 and earlier versions of the management portal. An attacker with network access to a DNS server could exploit this vulnerability to conduct a cross-site scripting attack...
Pi-hole cross-site scripting vulnerability (CNVD-2021-14160)
Pi-hole is a multi-platform, network-wide ad-blocking tool. A cross-site scripting vulnerability exists in Pi-hole 5.0, 5.1, 5.1.1. The vulnerability stems from insufficient validation of user-supplied data. An attacker can exploit this vulnerability to inject arbitrary web script or HTML via the...