Pi-hole

Web Interface

16 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.8

CVE-2026-33405

  • EPSS 0.03%
  • Veröffentlicht 06.04.2026 15:23:32
  • Zuletzt bearbeitet 09.04.2026 18:30:03

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. From 6.0 to before 6.5, the formatInfo() function in queries.js renders data.upstream, data.client.ip, and data.ede.text in...

6.1

CVE-2026-33406

Exploit
  • EPSS 0.04%
  • Veröffentlicht 06.04.2026 14:50:35
  • Zuletzt bearbeitet 14.04.2026 02:04:17

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. From 6.0 to before 6.5, configuration values from the /api/config endpoint are placed directly into HTML value="" attribute...

6.1

CVE-2026-33404

  • EPSS 0.02%
  • Veröffentlicht 06.04.2026 14:48:45
  • Zuletzt bearbeitet 14.04.2026 19:16:29

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. From 6.0 to before 6.5, client hostnames and IP addresses from the FTL database are rendered into the DOM without escaping ...

6.1

CVE-2026-33403

  • EPSS 0.07%
  • Veröffentlicht 06.04.2026 14:48:05
  • Zuletzt bearbeitet 10.04.2026 17:50:20

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. From 6.0 to before 6.5, a reflected DOM-based XSS vulnerability in taillog.js allows an unauthenticated attacker to inject ...

9.8

CVE-2026-33765

  • EPSS 0.24%
  • Veröffentlicht 27.03.2026 19:46:57
  • Zuletzt bearbeitet 07.04.2026 18:15:39

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. Versions prior to 6.0 have a critical OS Command Injection vulnerability in the savesettings.php file. The application take...

5.4

CVE-2026-26953

Medienbericht Exploit
  • EPSS 0.19%
  • Veröffentlicht 19.02.2026 22:50:08
  • Zuletzt bearbeitet 12.03.2026 16:28:40

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. Versions 6.0 and above have a Stored HTML Injection vulnerability in the active sessions table located on the API settings...

5.4

CVE-2026-26952

Medienbericht
  • EPSS 0.05%
  • Veröffentlicht 19.02.2026 22:43:58
  • Zuletzt bearbeitet 12.03.2026 16:33:01

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. Versions 6.4 and below are vulnerable to stored HTML injection through the local DNS records configuration page, which allo...

8.2

CVE-2025-59151

Exploit
  • EPSS 0.11%
  • Veröffentlicht 27.10.2025 19:42:59
  • Zuletzt bearbeitet 18.12.2025 16:21:39

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level advertisement and internet tracker blocking application. Pi-hole Admin Interface before 6.3 is vulnerable to Carriage Return Line Feed (CRLF) injection. When a request i...

6.1

CVE-2025-53533

Exploit
  • EPSS 0.65%
  • Veröffentlicht 27.10.2025 19:16:04
  • Zuletzt bearbeitet 18.12.2025 16:23:06

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level advertisement and internet tracker blocking application. Pi-hole Admin Interface versions 6.2.1 and earlier are vulnerable to reflected cross-site scripting (XSS) via a ...

5.4

CVE-2025-32785

Exploit
  • EPSS 0.03%
  • Veröffentlicht 27.10.2025 18:44:15
  • Zuletzt bearbeitet 18.12.2025 16:18:10

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level advertisement and internet tracker blocking application. Pi-hole Admin Interface versions prior to 6.3 are vulnerable to cross-site scripting (XSS) via the Address field...