Pi-hole

Web Interface

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2026-26953

Medienbericht
  • EPSS 0.11%
  • Veröffentlicht 19.02.2026 22:50:08
  • Zuletzt bearbeitet 20.02.2026 13:49:47

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. Versions 6.0 and above have a Stored HTML Injection vulnerability in the active sessions table located on the API settings...

5.4

CVE-2026-26952

Medienbericht
  • EPSS 0.05%
  • Veröffentlicht 19.02.2026 22:43:58
  • Zuletzt bearbeitet 20.02.2026 13:49:47

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. Versions 6.4 and below are vulnerable to stored HTML injection through the local DNS records configuration page, which allo...

8.2

CVE-2025-59151

Exploit
  • EPSS 0.09%
  • Veröffentlicht 27.10.2025 19:42:59
  • Zuletzt bearbeitet 18.12.2025 16:21:39

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level advertisement and internet tracker blocking application. Pi-hole Admin Interface before 6.3 is vulnerable to Carriage Return Line Feed (CRLF) injection. When a request i...

6.1

CVE-2025-53533

Exploit
  • EPSS 0.07%
  • Veröffentlicht 27.10.2025 19:16:04
  • Zuletzt bearbeitet 18.12.2025 16:23:06

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level advertisement and internet tracker blocking application. Pi-hole Admin Interface versions 6.2.1 and earlier are vulnerable to reflected cross-site scripting (XSS) via a ...

5.4

CVE-2025-32785

Exploit
  • EPSS 0.05%
  • Veröffentlicht 27.10.2025 18:44:15
  • Zuletzt bearbeitet 18.12.2025 16:18:10

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level advertisement and internet tracker blocking application. Pi-hole Admin Interface versions prior to 6.3 are vulnerable to cross-site scripting (XSS) via the Address field...

8.8

CVE-2023-23614

Exploit
  • EPSS 0.2%
  • Veröffentlicht 26.01.2023 21:18:15
  • Zuletzt bearbeitet 21.11.2024 07:46:32

Pi-hole®'s Web interface (based off of AdminLTE) provides a central location to manage your Pi-hole. Versions 4.0 and above, prior to 5.18.3 are vulnerable to Insufficient Session Expiration. Improper use of admin WEBPASSWORD hash as "Remember me for...

5.4

CVE-2021-41175

Exploit
  • EPSS 0.43%
  • Veröffentlicht 26.10.2021 14:15:08
  • Zuletzt bearbeitet 21.11.2024 06:25:40

Pi-hole's Web interface (based on AdminLTE) provides a central location to manage one's Pi-hole and review the statistics generated by FTLDNS. Prior to version 5.8, cross-site scripting is possible when adding a client via the groups-clients manageme...

6.1

CVE-2021-3811

Exploit
  • EPSS 0.18%
  • Veröffentlicht 17.09.2021 07:15:09
  • Zuletzt bearbeitet 21.11.2024 06:22:30

adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

6.1

CVE-2021-3812

Exploit
  • EPSS 0.18%
  • Veröffentlicht 17.09.2021 07:15:09
  • Zuletzt bearbeitet 21.11.2024 06:22:30

adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

7.5

CVE-2021-3706

Exploit
  • EPSS 0.15%
  • Veröffentlicht 15.09.2021 07:15:06
  • Zuletzt bearbeitet 21.11.2024 06:22:12

adminlte is vulnerable to Sensitive Cookie Without 'HttpOnly' Flag