Lucene search
K

6 matches found

CVE
CVE
added 2026/06/17 9:3 p.m.19 views

CVE-2026-50194

Steeltoe CVE-2026-50194 affects management endpoints when configured to listen on an alternate port. Versions 3.2.2–3.3.0 and 4.1.0 use the Host header to gate access instead of the socket port, enabling port-isolation bypass. Patches are in 3.4.0 and 4.2.0. If upgrading isn’t possible, apply exp...

8.2CVSS5.4AI score0.00238EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/10 9:2 p.m.10 views

CVE-2026-50635

LimeSurvey constructs account password-reset links from the client-supplied HTTP Host header without validating it. The optional allowedHosts allowlist that would constrain this is undefined in the default and documented configuration, so LSHttpRequest::checkIsAllowedHost results in no operation....

8.8CVSS5.5AI score0.00372EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.13 views

PT-2026-48152

LimeSurvey constructs account password-reset links from the client-supplied HTTP Host header without validating it. The optional allowedHosts allowlist that would constrain this is undefined in the default and documented configuration, so LSHttpRequest::checkIsAllowedHost results in no operation....

8.8CVSS5.5AI score0.00372EPSS
Exploits0References6
EUVD
EUVD
added 2026/03/05 9:30 p.m.7 views

EUVD-2025-208327

A host header injection vulnerability in the mailer component of @perfood/couch-auth v0.26.0 allows attackers to obtain reset tokens and execute an account takeover via spoofing the HTTP Host header...

6AI score0.00352EPSS
Exploits0References4
NVD
NVD
added 2026/03/05 9:16 p.m.4 views

CVE-2025-70948

A host header injection vulnerability in the mailer component of @perfood/couch-auth v0.26.0 allows attackers to obtain reset tokens and execute an account takeover via spoofing the HTTP Host header...

9.3CVSS0.00352EPSS
Exploits0References3
0day.today
0day.today
added 2017/05/17 12:0 a.m.212 views

WordPress PHPMailer Host Header Command Injection Exploit

This Metasploit module exploits a command injection vulnerability in WordPress version 4.6 with Exim as an MTA via a spoofed Host header to PHPMailer, a mail-sending library that is bundled with WordPress. A valid WordPress username is required to exploit the vulnerability. Additionally, due to t...

7.5CVSS9.7AI score0.99714EPSS
Exploits58
Rows per page
Query Builder