2442 matches found
OXID eShop < 4.7.11/5.0.11 / < 4.8.4/5.1.4 - Multiple Vulnerabilities
Exploit Title: OXID eShop v4.7.11/5.0.11 + v4.8.4/5.1.4 Multiple Vulnerabilities Google Dork: - Date: 12/2013 Exploit Author: //sToRm Author mail: [email protected] Vendor Homepage: http://www.oxid-esales.com Software Link: - Version: All versions 4.7.11/5.0.11 + All versions 4.8.4/5.1....
Siemens SIMATIC S7-1200 CPU Web Vulnerabilities
OVERVIEW Siemens ProductCERT and Ralf Spenneberg, Hendrik Schwartke, and Maik Brüggemann from OpenSource Training have reported two vulnerabilities in the Siemens SIMATIC S7-1200 CPU family. Siemens has produced a new product release that mitigates these vulnerabilities. AFFECTED PRODUCTS The...
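Conceptronic C54APM HTTP Response Splitting Vulnerability
CVE ID: CVE-2013-1406 Conceptronic C54APM is a wireless AP device. Conceptronic C54APM is subject to an HTTP response splitting attack, which allows attackers to exploit the vulnerability to inject HTTP headers and manipulate the application's cookies, authentication state, etc. 0 Conceptronic C54APM v2.0 1.26 No detailed solution is currently available: http://www.conceptronic.net/es/downloadlist.php?stype=3&productid=341...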
CVE-2014-1406
CRLF injection vulnerability in goform/formWlSiteSurvey on the Conceptronic C54APM access point with runtime code 1.26 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the submit-url parameter in a Refresh action...
Crlf injection
CRLF injection vulnerability in goform/formWlSiteSurvey on the Conceptronic C54APM access point with runtime code 1.26 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the submit-url parameter in a Refresh action...
CVE-2014-1406
CVE-2014-1406: CRLF injection in goform/formWlSiteSurvey on Conceptronic C54APM (runtime 1.26) allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via the submit-url parameter in a Refresh action. Documents identify the affected component and vulnerability...
RedHat Update for php RHSA-2013:1814-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RedHat Update for php RHSA-2013:1814-01
Check for the Version of php OpenVAS Vulnerability Test RedHat Update for php RHSA-2013:1814-01 Authors: System Generated Check Copyright: Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
Scientific Linux Security Update : php on SL5.x i386/x86_64 (20131211)
A memory corruption flaw was found in the way the openssl_x509_parse() function of the PHP openssl extension parsed X.509 certificates. A remote attacker could use this flaw to provide a malicious self-signed certificate or a certificate signed by a trusted authority to a PHP application using the...
PHP: sapi_header_op() %0D sequence handling security bypass
The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5.4.x before 5.4.0RC2 does not check for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction betwe...
Critical: Red Hat Security Advisory: php security update
Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...
RHEL 5 : php (RHSA-2013:1814)
Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...
CVE-2013-2652
CRLF injection vulnerability in help/helplanguage.php in WebCollab 3.30 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the item parameter...
Crlf injection
CRLF injection vulnerability in help/helplanguage.php in WebCollab 3.30 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the item parameter...
CVE-2013-2652
CRLF injection vulnerability in help/helplanguage.php in WebCollab 3.30 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the item parameter...
CVE-2013-2652
CRLF injection vulnerability in WebCollab
pdirl PHP Directory Listing 1.0.4 - Cross Site Vulnerabilities
Document Title: =============== pdirl PHP Directory Listing 1.0.4 - Cross Site Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1130 Release Date: ============= 2013-10-31 Vulnerability Laboratory ID VL-ID:...
[ISecAuditors Security Advisories] HTTP Response Splitting Vulnerability in WebCollab <= v3.30
============================================= INTERNET SECURITY AUDITORS ALERT 2013-011 - Original release date: March 21st, 2013 - Last revised: March 21st, 2013 - Discovered by: Manuel Garcia Cardenas - Severity: 5/10 CVSS Base Score - CVE-ID: CVE-2013-2652...
WebCollab 3.30 HTTP Response Splitting
============================================= INTERNET SECURITY AUDITORS ALERT 2013-011 - Original release date: March 21st, 2013 - Last revised: March 21st, 2013 - Discovered by: Manuel García Cárdenas - Severity: 5/10 CVSS Base Score - CVE-ID: CVE-2013-2652...
php53 security update
CentOS Errata and Security Advisory CESA-2013:1307 Updated php53 packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common...