Crlf injection

2006-04-1123:02:00

PRIOn knowledge base

www.prio-n.com

7.4 High

AI Score

Confidence

Low

0.033 Low

EPSS

Percentile

91.3%

JSON

CRLF injection vulnerability in index.php in Christoph Roeder phpMyForum 4.0 allows remote attackers to inject HTTP headers via hex-encoded CRLF sequences in the type parameter.

CPENameOperatorVersion
phpmyforumeq4.0

CPE	Name	Operator	Version
	phpmyforum	eq	4.0

References

www.securityfocus.com/archive/1/430480/100/0/threaded

www.securityfocus.com/archive/1/432455/100/0/threaded

www.securityfocus.com/bid/17420

exchange.xforce.ibmcloud.com/vulnerabilities/25750