Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pi-hole pi-hole 5.0 vulnerabilities and exploits
(subscribe to this query)
516
VMScore
CVE-2020-35591
Pi-hole 5.0, 5.1, and 5.1.1 allows Session Fixation. The application does not generate a new session cookie after the user is logged in. A malicious user is able to create a new session cookie value and inject it to a victim. After the victim logs in, the injected cookie becomes ...
Pi-hole Pi-hole 5.0
Pi-hole Pi-hole 5.1
Pi-hole Pi-hole 5.1.1
312
VMScore
CVE-2020-35592
Pi-hole 5.0, 5.1, and 5.1.1 allows XSS via the Options header to the admin/ URI. A remote user is able to inject arbitrary web script or HTML due to incorrect sanitization of user-supplied data and achieve a Reflected Cross-Site Scripting attack against other users and steal the ...
Pi-hole Pi-hole 5.0
Pi-hole Pi-hole 5.1
Pi-hole Pi-hole 5.1.1
641
VMScore
CVE-2020-14162
An issue exists in Pi-Hole up to and including 5.0. The local www-data user has sudo privileges to execute the pihole core script as root without a password, which could allow an malicious user to obtain root access via shell metacharacters to this script's setdns command.
Pi-hole Pi-hole
409
VMScore
CVE-2020-14971
Pi-hole up to and including 5.0 allows code injection in piholedhcp (the Static DHCP Leases section) by modifying Teleporter backup files and then restoring them. This occurs in settings.php. To exploit this, an attacker would request a backup of limited files via teleporter.php....
Pi-hole Pi-hole
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started