Lucene search

2442 matches found

Prion
added 2013/06/03 9:55 p.m. | 18 views

Crlf injection

CRLF injection vulnerability in IBM WebSphere Portal 6.1.0.x before 6.1.0.3 CF26, 6.1.5.x before 6.1.5 CF26, 7.0.0.x before 7.0.0.2 CF21, and 8.0.0.x through 8.0.0.1 CF5, when home substitution aka uri.home.substitution is enabled, allows remote authenticated users to inject arbitrary HTTP header...

CVSS 3.5 | AI score 6.7 | EPSS 0.01425
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2013/06/03 9:0 p.m. | 22 views

CVE-2013-2950

CRLF injection vulnerability in IBM WebSphere Portal 6.1.0.x before 6.1.0.3 CF26, 6.1.5.x before 6.1.5 CF26, 7.0.0.x before 7.0.0.2 CF21, and 8.0.0.x through 8.0.0.1 CF5, when home substitution aka uri.home.substitution is enabled, allows remote authenticated users to inject arbitrary HTTP header...

AI score 6.3 | EPSS 0.01425
Exploits: 0 | References: 3

Packet Storm
added 2013/03/31 12:0 a.m. | 30 views

Portal Web Services CRLF Injection / XSS

Exploit Title: Portal Web Services Cms CRLF injection + Cross Site Scripting Vulnerability + Exploit Author: Ashiyane Digital Security Team + Home : www.Ashiyane.org + Vendor Homepage: www.portalwebservices.com + Tested on: Windows 7 + Dork: intext:"Powered By : Portal Web Services"...

AI score 0.4
Exploits: 0

ThreatPost
added 2013/03/21 6:57 p.m. | 13 views

DHS, ICS-CERT Warn of Siemens HMI Vulnerabilities

The Department of Homeland Security and the ICS-CERT issued an advisory yesterday warning of serious vulnerabilities in Siemens industrial control software deployed in a number of industries including water, gas and oil, and chemical. Siemens said it has patched the flaws in a new version of its...

AI score 0.2
Exploits: 0 | References: 2

NVD
added 2013/03/21 2:55 p.m. | 14 views

CVE-2013-0670

CRLF injection vulnerability in the HMI web application in Siemens WinCC TIA Portal 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL...

CVSS 4.3 | AI score 6.8 | EPSS 0.01539
Exploits: 0 | References: 2

Prion
added 2013/03/21 2:55 p.m. | 13 views

Crlf injection

CRLF injection vulnerability in the HMI web application in Siemens WinCC TIA Portal 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL...

CVSS 4.3 | AI score 7.3 | EPSS 0.01539
Exploits: 0 | References: 2 | Affected Software: 1

CVE
added 2013/03/21 2:0 p.m. | 53 views

CVE-2013-0670

Siemens WinCC (TIA Portal) 11 HMI Web application is affected by CVE-2013-0670 (CRLF injection). A crafted URL can lead to HTTP header injection and HTTP response splitting via the HMI Web server. Public sources (NVD, Red Hat cve page, ICS-CERT advisory) confirm the vulnerability in WinCC V11 and...

CVSS 4.3 | AI score 7 | EPSS 0.01539
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2013/03/21 2:0 p.m. | 25 views

CVE-2013-0670

CRLF injection vulnerability in the HMI web application in Siemens WinCC TIA Portal 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL...

AI score 6.7 | EPSS 0.01539
Exploits: 0 | References: 2

OpenVAS
added 2013/03/12 12:0 a.m. | 38 views

CentOS Update for php CESA-2013:0514 centos6

Check for the Version of php OpenVAS Vulnerability Test CentOS Update for php CESA-2013:0514 centos6 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

CVSS 10 | AI score 8.1 | EPSS 0.10467
Exploits: 3 | References: 2

Tenable Nessus
added 2013/03/10 12:0 a.m. | 261 views

CentOS 6 : php (CESA-2013:0514)

Updated php packages that fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, whic...

CVSS 10 | AI score 8.9 | EPSS 0.10467
Exploits: 3 | References: 5

Tenable Nessus
added 2013/03/01 12:0 a.m. | 34 views

Scientific Linux Security Update : php on SL6.x i386/x86_64 (20130221)

It was found that PHP did not check for carriage returns in HTTP headers, allowing intended HTTP response splitting protections to be bypassed. Depending on the web browser the victim is using, a remote attacker could use this flaw to perform HTTP response splitting attacks. CVE-2011-1398 An...

CVSS 10 | AI score 9.1 | EPSS 0.10467
Exploits: 3 | References: 4

Cent OS
added 2013/02/27 7:37 p.m. | 88 views

php security update

CentOS Errata and Security Advisory CESA-2013:0514 Updated php packages that fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common...

CVSS 10 | AI score 7.4 | EPSS 0.10467
Exploits: 3 | References: 7

NVD
added 2013/02/24 10:55 p.m. | 22 views

CVE-2012-6072

CRLF injection vulnerability in Jenkins before 1.491, Jenkins LTS before 1.480.1, and Jenkins Enterprise 1.424.x before 1.424.6.13, 1.447.x before 1.447.4.1, and 1.466.x before 1.466.10.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via...

CVSS 4.3 | AI score 6.7 | EPSS 0.01832
Exploits: 0 | References: 4

UbuntuCve
added 2013/02/24 10:55 p.m. | 31 views

CVE-2012-6072

CRLF injection vulnerability in Jenkins before 1.491, Jenkins LTS before 1.480.1, and Jenkins Enterprise 1.424.x before 1.424.6.13, 1.447.x before 1.447.4.1, and 1.466.x before 1.466.10.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via...

CVSS 4.3 | AI score 5.9 | EPSS 0.01832
Exploits: 0 | References: 3

Prion
added 2013/02/24 10:55 p.m. | 32 views

Crlf injection

CRLF injection vulnerability in Jenkins before 1.491, Jenkins LTS before 1.480.1, and Jenkins Enterprise 1.424.x before 1.424.6.13, 1.447.x before 1.447.4.1, and 1.466.x before 1.466.10.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via...

CVSS 4.3 | AI score 7.2 | EPSS 0.01832
Exploits: 0 | References: 4 | Affected Software: 1

CVE
added 2013/02/24 10:0 p.m. | 82 views

CVE-2012-6072

CVE-2012-6072 is a CRLF injection vulnerability in Jenkins core exposed to remote attackers who can inject HTTP headers and trigger HTTP response splitting via unspecified vectors. Affected are Jenkins before 1.491, Jenkins LTS before 1.480.1, and Jenkins Enterprise 1.424.x before 1.424.6.13, 1.4...

CVSS 4.3 | AI score 6.8 | EPSS 0.01832
Exploits: 0 | References: 4 | Affected Software: 1

securityvulns
added 2013/02/24 12:0 a.m. | 59 views

TeamSHATTER Security Advisory: HTTP Response Splitting in Oracle EM (policyViewSettings) (CVE-2013-0354)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory HTTP Response Splitting in Oracle Enterprise Manager policyViewSettings February 20, 2013 Risk Level: Medium Affected versions: Oracle Enterprise Manager Database Control 11.1.0.7, 11.2.0.2, 11.2.0.3 Remote exploitable: Y...

CVSS 4.3 | AI score 6.2 | EPSS 0.01228
Exploits: 0

0day.today
added 2013/02/23 12:0 a.m. | 24 views

EasyWebScripts eBay Clone Script SQL Injection / XSS Vulnerabilities

Exploit for php platform in category web applications EasyWebScripts eBay Clone Script, Multiple Vulnerabilities Software Page:...

AI score 7.1
Exploits: 0

OpenVAS
added 2013/02/22 12:0 a.m. | 49 views

RedHat Update for php RHSA-2013:0514-02

Check for the Version of php OpenVAS Vulnerability Test RedHat Update for php RHSA-2013:0514-02 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

CVSS 10 | AI score 8.1 | EPSS 0.10467
Exploits: 3 | References: 2

OpenVAS
added 2013/02/22 12:0 a.m. | 35 views

RedHat Update for php RHSA-2013:0514-02

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVSS 10 | AI score 6.8 | EPSS 0.10467
Exploits: 3 | References: 5