CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-03-12 22:16:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
1c8fcc76f1ae397db8564ba47f1bd43a8a91a30a
CVEs-PoC/2016/CVE-2016-9014.md
0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024
2024-05-26 14:27:05 +02:00

18 lines
709 B
Markdown
Raw Blame History

### [CVE-2016-9014](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9014)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
### Description
Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOSTS.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/leoChristofoli/CRUD-170406
Reference in New Issue View Git Blame Copy Permalink