CVE-2024-39935

jc21 NGINX Proxy Manager before 2.11.3 allows backend/internal/certificate.js OS command injection by an authenticated user with certificate management privileges via untrusted input to the DNS provider configuration. NOTE: this is not part of any NGINX software shipped by F5...

EUVD-2019-6503

Malware in sbrugna...

EUVD-2022-32824

Malicious code in bioql PyPI...

EUVD-2025-25216

Malicious code in bioql PyPI...

EUVD-2023-27696

Malicious code in bioql PyPI...

CVE-2025-50579

A CORS misconfiguration in Nginx Proxy Manager v2.12.3 allows unauthorized domains to access sensitive data, particularly JWT tokens, due to improper validation of the Origin header. This misconfiguration enables attackers to intercept tokens using a simple browser script and exfiltrate them to a...

CVE-2025-50579

A CORS misconfiguration in Nginx Proxy Manager v2.12.3 allows unauthorized domains to access sensitive data, particularly JWT tokens, due to improper validation of the Origin header. This misconfiguration enables attackers to intercept tokens using a simple browser script and exfiltrate them to a...

CVE-2025-50579

A CORS misconfiguration in Nginx Proxy Manager v2.12.3 allows unauthorized domains to access sensitive data, particularly JWT tokens, due to improper validation of the Origin header. This misconfiguration enables attackers to intercept tokens using a simple browser script and exfiltrate them to a...

Nginx Proxy Manager 安全漏洞

Nginx Proxy Manager is a Docker container for Nginx Proxy Manager open source. It is used to manage Nginx proxy hosts through a simple and powerful interface. A security vulnerability exists in Nginx Proxy Manager version v2.12.3, which stems from an improperly configured CORS and could lead to a...

CVE-2025-50579

A CORS misconfiguration in Nginx Proxy Manager v2.12.3 allows unauthorized domains to access sensitive data, particularly JWT tokens, due to improper validation of the Origin header. This misconfiguration enables attackers to intercept tokens using a simple browser script and exfiltrate them to a...

CVE-2025-50579

A CORS misconfiguration in Nginx Proxy Manager v2.12.3 allows unauthorized domains to access sensitive data, particularly JWT tokens, due to improper validation of the Origin header. This misconfiguration enables attackers to intercept tokens using a simple browser script and exfiltrate them to a...

PT-2025-33735 · Unknown · Nginx Proxy Manager

Name of the Vulnerable Software and Affected Versions: Nginx Proxy Manager version 2.12.3 Description: A Cross-Origin Resource Sharing CORS misconfiguration allows unauthorized domains to access sensitive data, specifically JSON Web Tokens JWT, due to improper validation of the Origin header. Thi...

CVE-2023-23596

jc21 NGINX Proxy Manager through 2.9.19 allows OS command injection. When creating an access list, the backend builds an htpasswd file with crafted username and/or password input that is concatenated without any validation, and is directly passed to the exec command, potentially allowing an...

CVE-2023-27224

An issue found in NginxProxyManager v.2.9.19 allows an attacker to execute arbitrary code via a lua script to the configuration file...

CVE-2022-28379

jc21.com Nginx Proxy Manager before 2.9.17 allows XSS during item deletion...

CVE-2019-15517

jc21 Nginx Proxy Manager before 2.0.13 allows %2e%2e%2f directory traversal...

The vulnerability of the `requestLetsEncryptSslWithDnsChallenge` function in the NGINX Proxy Manager proxy server allows a attacker to execute arbitrary code.

The vulnerability of the requestLetsEncryptSslWithDnsChallenge function in the NGINX Proxy Manager proxy server is related to the lack of data cleansing measures at the management level. Exploiting this vulnerability could allow an attacker to execute arbitrary commands...

The vulnerability of the `requestLetsEncryptSsl` function in the NGINX Proxy Manager’s proxy server allows a hacker to execute arbitrary code.

The vulnerability of the requestLetsEncryptSsl function in the NGINX Proxy Manager’s proxy management module is related to the lack of measures taken to sanitize data at the control level. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by adding a specially craft...

NginxProxyManager 安全漏洞

NginxProxyManager is NginxProxyManager individual developer's Docker container for managing Nginx proxy hosts with a simple, powerful interface. A security vulnerability exists in NginxProxyManager version 2.11.3, which stems from a command injection issue in the...

The vulnerability in the backend/script code of the proxy manager for NGINX Proxy Manager allows a perpetrator to execute arbitrary commands.

The vulnerability in the backend/script of the NGINX Proxy Manager for hosting management exists because measures to neutralize specific elements used in the operating system commands have not been taken. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by...