2442 matches found

Exploit DB
added 2014/03/20 12:0 a.m., 41 views

OXID eShop < 4.7.11/5.0.11 / < 4.8.4/5.1.4 - Multiple Vulnerabilities

Exploit Title: OXID eShop v4.7.11/5.0.11 + v4.8.4/5.1.4 Multiple Vulnerabilities Google Dork: - Date: 12/2013 Exploit Author: //sToRm Author mail: [email protected] Vendor Homepage: http://www.oxid-esales.com Software Link: - Version: All versions 4.7.11/5.0.11 + All versions 4.8.4/5.1....

6.1 CVSS, 6.2 AI score, 0.02403 EPSS
Exploits: 7
ICS
added 2014/01/25 7:0 a.m., 51 views

Siemens SIMATIC S7-1200 CPU Web Vulnerabilities

OVERVIEW Siemens ProductCERT and Ralf Spenneberg, Hendrik Schwartke, and Maik Brüggemann from OpenSource Training have reported two vulnerabilities in the Siemens SIMATIC S7-1200 CPU family. Siemens has produced a new product release that mitigates these vulnerabilities. AFFECTED PRODUCTS The...

5.8 CVSS, 6.1 AI score, 0.2095 EPSS
Exploits: 4, References: 10
seebug.org
added 2014/01/13 12:0 a.m., 27 views

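Conceptronic C54APM HTTP Response Splitting Vulnerability

CVE ID: CVE-2013-1406 Conceptronic C54APM is a wireless AP device. Conceptronic C54APM is vulnerable to HTTP response splitting attacks, allowing attackers to exploit the vulnerability to inject HTTP headers and manipulate the application's cookies, authentication state, etc. 0 Conceptronic C54APM v2.0 1.26 No detailed solution is currently available: http://www.conceptronic.net/es/downloadlist.php?stype=3&productid=341...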

7.2 CVSS, 6.4 AI score, 0.00968 EPSS
Exploits: 3
NVD
added 2014/01/10 4:47 p.m., 21 views

CVE-2014-1406

CRLF injection vulnerability in goform/formWlSiteSurvey on the Conceptronic C54APM access point with runtime code 1.26 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the submit-url parameter in a Refresh action...

4.3 CVSS, 7.1 AI score, 0.00982 EPSS
Exploits: 1, References: 1
Prion
added 2014/01/10 4:47 p.m., 15 views

Crlf injection

CRLF injection vulnerability in goform/formWlSiteSurvey on the Conceptronic C54APM access point with runtime code 1.26 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the submit-url parameter in a Refresh action...

4.3 CVSS, 7.7 AI score, 0.00982 EPSS
Exploits: 1, References: 1, Affected Software: 2
CVE
added 2014/01/10 4:0 p.m., 42 views

CVE-2014-1406

CVE-2014-1406: CRLF injection in goform/formWlSiteSurvey on Conceptronic C54APM (runtime 1.26) allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via the submit-url parameter in a Refresh action. Documents identify the affected component and vulnerability...

4.3 CVSS, 7.3 AI score, 0.00982 EPSS
Exploits: 1, References: 1, Affected Software: 2
OpenVAS
added 2013/12/17 12:0 a.m., 46 views

RedHat Update for php RHSA-2013:1814-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10 CVSS, 9.9 AI score, 0.35635 EPSS
Exploits: 9, References: 2
OpenVAS
added 2013/12/17 12:0 a.m., 66 views

RedHat Update for php RHSA-2013:1814-01

Check for the Version of php OpenVAS Vulnerability Test RedHat Update for php RHSA-2013:1814-01 Authors: System Generated Check Copyright: Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

10 CVSS, 0.35635 EPSS
Exploits: 9, References: 2
Tenable Nessus
added 2013/12/12 12:0 a.m., 254 views

Scientific Linux Security Update : php on SL5.x i386/x86_64 (20131211)

A memory corruption flaw was found in the way the openssl_x509_parse() function of the PHP openssl extension parsed X.509 certificates. A remote attacker could use this flaw to provide a malicious self-signed certificate or a certificate signed by a trusted authority to a PHP application using the...

10 CVSS, 7.9 AI score, 0.35635 EPSS
Exploits: 9, References: 5
RedHat Linux
added 2013/12/11 2:24 a.m., 4 views

PHP: sapi_header_op() %0D sequence handling security bypass

The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5.4.x before 5.4.0RC2 does not check for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction betwe...

4.3 CVSS, 5.9 AI score, 0.10173 EPSS
Exploits: 0, References: 4
RedHat Linux
added 2013/12/11 2:24 a.m., 88 views

Critical: Red Hat Security Advisory: php security update

Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...

10 CVSS, 7.3 AI score, 0.35635 EPSS
Exploits: 9, References: 5
Tenable Nessus
added 2013/12/11 12:0 a.m., 254 views

RHEL 5 : php (RHSA-2013:1814)

Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...

10 CVSS, 8 AI score, 0.35635 EPSS
Exploits: 9, References: 9
NVD
added 2013/11/02 6:55 p.m., 28 views

CVE-2013-2652

CRLF injection vulnerability in help/helplanguage.php in WebCollab 3.30 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the item parameter...

4.3 CVSS, 6.9 AI score, 0.02528 EPSS
Exploits: 2, References: 8
Prion
added 2013/11/02 6:55 p.m., 20 views

Crlf injection

CRLF injection vulnerability in help/helplanguage.php in WebCollab 3.30 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the item parameter...

4.3 CVSS, 7.4 AI score, 0.02528 EPSS
Exploits: 2, References: 8, Affected Software: 1
Cvelist
added 2013/11/02 6:0 p.m., 29 views

CVE-2013-2652

CRLF injection vulnerability in help/helplanguage.php in WebCollab 3.30 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the item parameter...

6.9 AI score, 0.02528 EPSS
Exploits: 2, References: 8
CVE
added 2013/11/02 6:0 p.m., 57 views

CVE-2013-2652

CRLF injection vulnerability in WebCollab

4.3 CVSS, 7.1 AI score, 0.02528 EPSS
Exploits: 2, References: 8, Affected Software: 1
Vulnerability Lab
added 2013/10/31 12:0 a.m., 25 views

pdirl PHP Directory Listing 1.0.4 - Cross Site Vulnerabilities

Document Title: =============== pdirl PHP Directory Listing 1.0.4 - Cross Site Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1130 Release Date: ============= 2013-10-31 Vulnerability Laboratory ID VL-ID:...

0.2 AI score
Exploits: 0
securityvulns
added 2013/10/27 12:0 a.m., 173 views

[ISecAuditors Security Advisories] HTTP Response Splitting Vulnerability in WebCollab <= v3.30

============================================= INTERNET SECURITY AUDITORS ALERT 2013-011 - Original release date: March 21st, 2013 - Last revised: March 21st, 2013 - Discovered by: Manuel Garcia Cardenas - Severity: 5/10 CVSS Base Score - CVE-ID: CVE-2013-2652...

4.3 CVSS, 0.4 AI score, 0.02528 EPSS
Exploits: 2
Packet Storm
added 2013/10/25 12:0 a.m., 54 views

WebCollab 3.30 HTTP Response Splitting

============================================= INTERNET SECURITY AUDITORS ALERT 2013-011 - Original release date: March 21st, 2013 - Last revised: March 21st, 2013 - Discovered by: Manuel García Cárdenas - Severity: 5/10 CVSS Base Score - CVE-ID: CVE-2013-2652...

4.3 CVSS, 0.02528 EPSS
Exploits: 2
Cent OS
added 2013/10/07 12:42 p.m., 106 views

php53 security update

CentOS Errata and Security Advisory CESA-2013:1307 Updated php53 packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common...

10 CVSS, 7.3 AI score, 0.10467 EPSS
Exploits: 5, References: 7