Nginx Proxy Manager@* Security Vulnerabilities and Issues — Nginx Proxy Manager@* CVE List

Lucene search

Jc21Nginx Proxy Manager*

3 matches found

CVE•added 2019/08/23 3:15 p.m.•66 views

CVE-2019-15517

jc21 Nginx Proxy Manager before 2.0.13 allows %2e%2e%2f directory traversal.

5.5CVSS5.5AI score0.00172EPSS

CVE•added 2023/01/20 8:15 a.m.•61 views

CVE-2023-23596

jc21 NGINX Proxy Manager through 2.9.19 allows OS command injection. When creating an access list, the backend builds an htpasswd file with crafted username and/or password input that is concatenated without any validation, and is directly passed to the exec command, potentially allowing an authent...

8.8CVSS9.3AI score0.01374EPSS

CVE•added 2024/07/04 9:15 p.m.•55 views

CVE-2024-39935

jc21 NGINX Proxy Manager before 2.11.3 allows backend/internal/certificate.js OS command injection by an authenticated user (with certificate management privileges) via untrusted input to the DNS provider configuration. NOTE: this is not part of any NGINX software shipped by F5.

8.8CVSS7.4AI score0.01386EPSS