5 matches found
CVE-2024-23577
HCL Aftermarket EPC is vulnerable since the application does not have a validation for HOST header and accepts arbitrary hosts when requested in http protocol. When an application doesn’t adequately validate or sanitize this header, it can lead to several security risks, including Host header...
CVE-2024-23577
HCL Aftermarket EPC is vulnerable since the application does not have a validation for HOST header and accepts arbitrary hosts when requested in http protocol. When an application doesn’t adequately validate or sanitize this header, it can lead to several security risks, including Host header...
CVE-2024-23577
HCL Aftermarket EPC is vulnerable since the application does not have a validation for HOST header and accepts arbitrary hosts when requested in http protocol. When an application doesn’t adequately validate or sanitize this header, it can lead to several security risks, including Host header...
CVE-2024-23577
CVE-2024-23577 : The HCL Aftermarket EPC product is vulnerable due to lack of HOST header validation, allowing arbitrary hosts via HTTP. This can enable Host header poisoning and potential server misconfigurations. The available documents do not specify affected versions, exact vulnerable compone...
code_disclosure
This plugin greps every page in order to find code disclosures. Basically it greps for ?.? and %.% using the re module and reports findings. Code disclosures are usually generated due to web server misconfigurations, or wierd web application "features". Plugin type Grep Options This plugin doesnt...