Lucene search

CVE-2013-2652

🗓️ 02 Nov 2013 18:03:55Reported by mitreType

cve🔗 web.nvd.nist.gov👁 35 Views🌐 WEB

CRLF injection vulnerability in WebCollab 3.30 and earlier, allows remote attackers to conduct HTTP response splitting attacks

Reporter	Title	Published	Views	Family All 7
Packet Storm	WebCollab 3.30 HTTP Response Splitting	25 Oct 201300:00	–	packetstorm
Prion	Crlf injection	2 Nov 201318:55	–	prion
OpenVAS	WebCollab 'item' Parameter HTTP Response Splitting Vulnerability	28 Oct 201300:00	–	openvas
securityvulns	[ISecAuditors Security Advisories] HTTP Response Splitting Vulnerability in WebCollab <= v3.30	27 Oct 201300:00	–	securityvulns
securityvulns	Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)	28 Oct 201300:00	–	securityvulns
NVD	CVE-2013-2652	2 Nov 201318:55	–	nvd
Cvelist	CVE-2013-2652	2 Nov 201318:00	–	cvelist

Nvd

Node

andrew_simpson webcollabRange≤3.30

andrew_simpson webcollabMatch1.3beta

andrew_simpson webcollabMatch1.30

andrew_simpson webcollabMatch1.31

andrew_simpson webcollabMatch1.32

andrew_simpson webcollabMatch1.40

andrew_simpson webcollabMatch1.41

andrew_simpson webcollabMatch1.42

andrew_simpson webcollabMatch1.50

andrew_simpson webcollabMatch1.51

andrew_simpson webcollabMatch1.60

andrew_simpson webcollabMatch1.60a

andrew_simpson webcollabMatch1.61

andrew_simpson webcollabMatch1.62

andrew_simpson webcollabMatch1.62a

andrew_simpson webcollabMatch1.70

andrew_simpson webcollabMatch1.71

andrew_simpson webcollabMatch1.71a

andrew_simpson webcollabMatch1.80

andrew_simpson webcollabMatch1.81

andrew_simpson webcollabMatch2.00

andrew_simpson webcollabMatch2.01

andrew_simpson webcollabMatch2.10

andrew_simpson webcollabMatch2.11

andrew_simpson webcollabMatch2.20

andrew_simpson webcollabMatch2.30

andrew_simpson webcollabMatch2.31

andrew_simpson webcollabMatch2.40

andrew_simpson webcollabMatch2.50

andrew_simpson webcollabMatch2.60

andrew_simpson webcollabMatch2.61

andrew_simpson webcollabMatch2.70

andrew_simpson webcollabMatch2.71

andrew_simpson webcollabMatch3.00

andrew_simpson webcollabMatch3.10

andrew_simpson webcollabMatch3.20

andrew_simpson webcollabMatch3.21

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/123771/WebCollab-3.30-HTTP-Response-Splitting.html
secunia	www.secunia.com/advisories/55235
archives	www.archives.neohapsis.com/archives/bugtraq/2013-10/0117.html
sourceforge	www.sourceforge.net/p/webcollab/mailman/message/31536457/
secunia	www.secunia.com/advisories/55295
osvdb	www.osvdb.org/98768
securityfocus	www.securityfocus.com/bid/63247
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/88177

Parameter	Position	Path	Description	CWE
item	query param	/help/help_language.php	CRLF injection vulnerability in the 'item' parameter that allows for HTTP response splitting attacks.	CWE-79

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

02 Nov 2013 18:55Current

7.1High risk

Vulners AI Score7.1

CVSS24.3

EPSS0.00269

CWE-79