Lucene search

K
cve[email protected]CVE-2006-5565
HistoryOct 27, 2006 - 4:07 p.m.

CVE-2006-5565

2006-10-2716:07:00
NVD-CWE-Other
web.nvd.nist.gov
23
crlf injection
maxdev md-pro
vulnerability
remote attackers
http headers

7.5 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

76.9%

CRLF injection vulnerability in MAXdev MD-Pro 1.0.76 allows remote attackers to inject arbitrary HTTP headers via a CRLF sequence in the (1) name, (2) file, (3) module, and (4) func parameters in (a) index.php; and the (5) file parameter in (b) modules.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

CPENameOperatorVersion
maxdev:md-promaxdev md-prole1.0.76

7.5 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

76.9%