Medium
CVSS: 5.4
Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. Versions 6.0 and above have a Stored HTML Injection vulnerability in the active sessions table located on the AP…
Medium
CVSS: 5.4
Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. Versions 6.4 and below are vulnerable to stored HTML injection through the local DNS records configuration page,…
High
CVSS: 8.2
Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level advertisement and internet tracker blocking application. Pi-hole Admin Interface before 6.3 is vulnerable to Carriage Return Line Feed (CRLF) injection. When a…
Medium
CVSS: 5.1
Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level advertisement and internet tracker blocking application. Pi-hole Admin Interface versions 6.2.1 and earlier are vulnerable to reflected cross-site scripting (X…
Low
CVSS: 2.0
Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level advertisement and internet tracker blocking application. Pi-hole Admin Interface versions prior to 6.3 are vulnerable to cross-site scripting (XSS) via the Add…
Critical
CVSS: 9.0
An authenticated command injection vulnerability exists in Pi-hole versions up to 3.3. When adding a domain to the allowlist via the web interface, the domain parameter is not properly sanitized, allowing an attacker to append OS commands t…