Lucene search
+L

8 matches found

NVD
NVD
added 2026/04/30 5:16 p.m.5 views

CVE-2026-36757

A Server-Side Request Forgery SSRF in the /plugins/name/upgrade-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

4.3CVSS0.00172EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.6 views

PT-2026-36119

A Server-Side Request Forgery SSRF in the /themes/name/upgrade-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

6.5CVSS5.2AI score0.00209EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/30 12:0 a.m.34 views

CVE-2026-36759

A Server-Side Request Forgery SSRF in the /themes/name/upgrade-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

0.00209EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.4 views

PT-2026-36129

A Server-Side Request Forgery SSRF in the /plugins/name/upgrade-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

4.3CVSS5.2AI score0.00172EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/30 12:0 a.m.7 views

EUVD-2026-26385

A Server-Side Request Forgery SSRF in the /themes/name/upgrade-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

6.5CVSS5.2AI score0.00209EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/30 12:0 a.m.3 views

CVE-2026-36757

A Server-Side Request Forgery SSRF in the /plugins/name/upgrade-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

4.3CVSS5.2AI score0.00172EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.14 views

Halo 代码问题漏洞

Halo is a powerful and easy-to-use open-source website building tool developed by Halo. Version 2.22.14 of Halo contains a code vulnerability. This vulnerability stems from the /themes/name/upgrade-from-uri endpoint, where server-side request forgeing exists. This could allow authenticated...

6.5CVSS5.9AI score0.00209EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/30 12:0 a.m.6 views

CVE-2026-36759

A Server-Side Request Forgery SSRF in the /themes/name/upgrade-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

5.2AI score0.00209EPSS
Exploits0References3
Rows per page
Query Builder