Lucene search
+L

1376 matches found

Nuclei
Nuclei
added 11 hours ago55 views

Limit Login Attempts WordPress - Stored Cross-site Scripting

Limit Login Attempts WordPress plugin 4.0.50 contains a stored cross-site scripting caused by not escaping IP addresses controlled via headers like X-Forwarded-For before outputting them in reports, letting unauthenticated attackers execute scripts in admin context. id: CVE-2021-24657 info: name:...

6.1CVSS5.9AI score0.01595EPSS
Exploits2References2
Nuclei
Nuclei
added 11 hours ago79 views

Traefik - Open Redirect

Traefik before 1.7.26, 2.2.8, and 2.3.0-rc3 contains an open redirect vulnerability in the X-Forwarded-Prefix header. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2020-15129 info: name:...

6.1CVSS5.5AI score0.08011EPSS
Exploits0References5
CVE
CVE
added 4 days ago13 views

CVE-2026-55652

Wekan prior to v9.46 is vulnerable to a header-login bypass: the server trusts X-Forwarded-For via HEADER_LOGIN_TRUSTED_IPS in getRequestIp(), allowing unauthenticated users to request a login for any username and obtain a meteor_login_token (including admin), enabling full account takeover. The ...

9.8CVSS6.1AI score0.00355EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 5 days ago9 views

CVE-2026-9561

Eclipse Kura versions prior to 5.6.2 trust the client-supplied X-Forwarded-For HTTP header as the authoritative source of the client IP address in audit log entries. The org.eclipse.kura.web2 Web Console and org.eclipse.kura.rest.provider REST API components use this header as the primary IP sour...

8.8CVSS6.1AI score0.00204EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/07/09 9:30 p.m.37 views

CVE-2026-58122 Hermes WebUI < 0.51.307 Authentication Bypass via X-Forwarded-For Header Spoofing

Hermes WebUI before 0.51.307 contains an authentication bypass vulnerability that allows unauthenticated remote attackers to circumvent local-origin IP restrictions on onboarding endpoints by supplying a spoofed X-Forwarded-For header with a loopback address. Attackers can exploit this bypass to...

9.3CVSS0.00293EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/09 12:0 a.m.21 views

PT-2026-56988

Name of the Vulnerable Software and Affected Versions Hermes WebUI versions prior to 0.51.307 Description An authentication bypass exists that allows unauthenticated remote attackers to circumvent local-origin IP restrictions on onboarding endpoints. This is achieved by supplying a spoofed...

9.3CVSS6.2AI score0.00293EPSS
Exploits0References8
NVD
NVD
added 2026/07/08 5:17 p.m.10 views

CVE-2026-59897

Hono is a Web application framework that provides support for any JavaScript runtime. From 4.3.3 before 4.12.27, the AWS API Gateway v1 adapter can drop a distinct repeated request header value because it de-duplicates values using a substring comparison instead of an exact match, so middleware o...

5.3CVSS0.00126EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/08 4:6 p.m.34 views

CVE-2026-59897 Hono: API Gateway v1 adapter can drop a distinct repeated request header value during de-duplication

Hono is a Web application framework that provides support for any JavaScript runtime. From 4.3.3 before 4.12.27, the AWS API Gateway v1 adapter can drop a distinct repeated request header value because it de-duplicates values using a substring comparison instead of an exact match, so middleware o...

4.8CVSS0.00126EPSS
Exploits0References3
NVD
NVD
added 2026/07/08 1:16 a.m.7 views

CVE-2026-55430

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the workspace app proxy resolves the target app from httpapi.RequestHost which prefers the X-Forwarded-Host header over the real Host header. No middleware...

6.8CVSS0.00208EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/08 12:3 a.m.11 views

EUVD-2026-42136

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the workspace app proxy resolves the target app from httpapi.RequestHost which prefers the X-Forwarded-Host header over the real Host header. No middleware...

6.8CVSS6AI score0.00208EPSS
Exploits0References6
CVE
CVE
added 2026/07/08 12:3 a.m.17 views

CVE-2026-55430

Coder's workspace app (github.com/coder/coder) prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2 trusts X-Forwarded-Host for routing because no middleware strips it before routing and httpapi.RequestHost() prefers that header over Host. This enables cross-app data access when subdomain (wildca...

6.8CVSS6AI score0.00208EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/07/07 3:1 a.m.6 views

CVE-2026-34198 Coolify: Password reset link poisoning via X-Forwarded-Host header spoofing

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the TrustProxies middleware trusts all proxies $proxies = '', accepting X-Forwarded-Host from any source. The TrustHosts middleware, intended to prevent host header attacks...

5.3CVSS6AI score0.00139EPSS
Exploits0References6
NVD
NVD
added 2026/07/06 9:16 p.m.11 views

CVE-2026-54764

Traefik is an HTTP reverse proxy and load balancer. Prior to v2.11.51, v3.6.22, and v3.7.6, Traefik's ForwardAuth middleware, even when configured with trustForwardHeader: false, derives the X-Forwarded-Port header sent to the authentication service from the original incoming request instead of t...

6.9CVSS0.0029EPSS
Exploits0References3
OSV
OSV
added 2026/07/06 9:5 p.m.6 views

GHSA-5G4W-3VW9-478W Coder's subdomain workspace app routing trusts unauthenticated X-Forwarded-Host header, enabling cross-app data access

Summary The workspace app proxy resolves the target app from httpapi.RequestHost which prefers the X-Forwarded-Host header over the real Host header. No middleware strips X-Forwarded-Host before routing and the header is not browser-forbidden so client-side JavaScript can set it on fetch calls...

5.8CVSS6AI score0.00208EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/07/06 9:5 p.m.7 views

Coder's subdomain workspace app routing trusts unauthenticated X-Forwarded-Host header, enabling cross-app data access

Summary The workspace app proxy resolves the target app from httpapi.RequestHost which prefers the X-Forwarded-Host header over the real Host header. No middleware strips X-Forwarded-Host before routing and the header is not browser-forbidden so client-side JavaScript can set it on fetch calls...

6.8CVSS6AI score0.00208EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/07/06 8:20 p.m.52 views

CVE-2026-54764 ForwardAuth middleware leaks X-Forwarded-Port spoofing via untrusted X-Forwarded-Proto when trustForwardHeader=false

Traefik is an HTTP reverse proxy and load balancer. Prior to v2.11.51, v3.6.22, and v3.7.6, Traefik's ForwardAuth middleware, even when configured with trustForwardHeader: false, derives the X-Forwarded-Port header sent to the authentication service from the original incoming request instead of t...

6.9CVSS0.0029EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:20 p.m.8 views

CVE-2026-54764

Traefik is an HTTP reverse proxy and load balancer. Prior to v2.11.51, v3.6.22, and v3.7.6, Traefik's ForwardAuth middleware, even when configured with trustForwardHeader: false, derives the X-Forwarded-Port header sent to the authentication service from the original incoming request instead of t...

6.9CVSS6AI score0.0029EPSS
Exploits0References4Affected Software1
AlpineLinux
AlpineLinux
added 2026/07/06 8:20 p.m.8 views

CVE-2026-54764

Traefik is an HTTP reverse proxy and load balancer. Prior to v2.11.51, v3.6.22, and v3.7.6, Traefik's ForwardAuth middleware, even when configured with trustForwardHeader: false, derives the X-Forwarded-Port header sent to the authentication service from the original incoming request instead of t...

6.9CVSS6AI score0.0029EPSS
Exploits0References3
CVE
CVE
added 2026/07/06 8:20 p.m.26 views

CVE-2026-54764

Summary of CVE-2026-54764 : Traefik’s ForwardAuth middleware can leak spoofed port information due to incorrect header handling when trustForwardHeader is false. Before fixes, the middleware derived X-Forwarded-Port from the original incoming request rather than the sanitized forwarded request, a...

6.9CVSS6AI score0.0029EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/07/06 8:20 p.m.5 views

CVE-2026-54764 ForwardAuth middleware leaks X-Forwarded-Port spoofing via untrusted X-Forwarded-Proto when trustForwardHeader=false

Traefik is an HTTP reverse proxy and load balancer. Prior to v2.11.51, v3.6.22, and v3.7.6, Traefik's ForwardAuth middleware, even when configured with trustForwardHeader: false, derives the X-Forwarded-Port header sent to the authentication service from the original incoming request instead of t...

6.9CVSS6AI score0.0029EPSS
Exploits0References5
Rows per page
Query Builder