CVE-2024-26470

EPSS 0.15% · P35 Updated Feb 26, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-26470

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A host header injection vulnerability in the forgot password function of FullStackHero's WebAPI Boilerplate v1.0.0 and v1.0.1 allows attackers to leak the password reset token via a crafted request.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

FullStackHero WebAPI Boilerplate 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

FullStackHero WebAPI Boilerplate是FullStackHero社区的一个用于快速搭建 Web API 的模板项目。 FullStackHero WebAPI Boilerplate v1.0.0版本和v1.0.1版本存在安全漏洞，该漏洞源于forgot password功能存在主机头注入漏洞，攻击者可以通过特制的请求泄露密码重置令牌。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2024-26470

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-26470

请登录查看更多情报信息。

Same Patch Batch · n/a · 2024-02-27 · 30 CVEs total

CVE-2024-22251	5.9 MEDIUM	Out-of-bounds read vulnerability
CVE-2024-1925	5.0 MEDIUM	Ctcms Upsys.php unrestricted upload
CVE-2024-25398		Srelay 安全漏洞
CVE-2024-27508		Atheme 安全漏洞
CVE-2024-27507		libLAS 安全漏洞
CVE-2024-27356		GL.iNet product 安全漏洞
CVE-2024-26473		KLiK SocialMediaWebsite 安全漏洞
CVE-2024-26472		KLiK SocialMediaWebsite 安全漏洞
CVE-2024-26471		iBarn 安全漏洞
CVE-2024-26542		Bonitasoft 跨站脚本漏洞
CVE-2024-25846		PrestaShop 安全漏洞
CVE-2024-25843		PrestaShop 安全漏洞
CVE-2024-25841		PrestaShop 安全漏洞
CVE-2024-25840		PrestaShop 安全漏洞
CVE-2024-25723		ZenML 安全漏洞
CVE-2023-41506		Student Enrollment In PHP 安全漏洞
CVE-2024-25166		71CMS 安全漏洞
CVE-2024-25400		Subrion CMS 安全漏洞
CVE-2024-25399		Subrion CMS 安全漏洞
CVE-2024-24323		Litemall 安全漏洞

Showing top 20 of 30 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2024-26470

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2024-26470

I. Basic Information for CVE-2024-26470

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2024-26470

III. Intelligence Information for CVE-2024-26470

Same Patch Batch · n/a · 2024-02-27 · 30 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2024-26470

Leave a comment