Lucene search
K

2442 matches found

Packet Storm
Packet Storm
added 2013/02/21 12:0 a.m.20 views

EasyWebScripts eBay Clone Script SQL Injection

/ / / \ / / / / / / / / / / / // / / / / / / // / // / / / / | // / / / / / // / / / // / /,// /////,// ///// , / // EasyWebScripts eBay Clone Script, Multiple Vulnerabilities Software Page: http://easywebscripts.com/productdetails.php?itemid=10 Script Demo: http://easywebscripts.com/ebay...

0.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/02/21 12:0 a.m.56 views

RHEL 6 : php (RHSA-2013:0514)

Updated php packages that fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, whic...

10CVSS8.9AI score0.10467EPSS
Exploits3References8
RedHat Linux
RedHat Linux
added 2013/02/20 4:21 p.m.6 views

PHP: sapi_header_op() %0D sequence handling security bypass

The sapiheaderop function in main/SAPI.c in PHP before 5.3.11 and 5.4.x before 5.4.0RC2 does not check for %0D sequences aka carriage return characters, which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction betwe...

4.3CVSS5.9AI score0.10173EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2013/01/21 12:0 a.m.35 views

CentOS Update for httpd CESA-2013:0130 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

4.3CVSS7.3AI score0.6477EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2013/01/21 12:0 a.m.43 views

CentOS Update for httpd CESA-2013:0130 centos5

Check for the Version of httpd OpenVAS Vulnerability Test CentOS Update for httpd CESA-2013:0130 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

4.3CVSS7.7AI score0.6477EPSS
Exploits4References2
rdot
rdot
added 2013/01/20 12:0 a.m.506 views

Атаки через Request-Path + Баги IE

На эту тему скоро будет статейка на пару страниц прим. Хакер, апрель 2013. Идея ужасно банальная, но результат тестирования очень удивил + обнаружены интересные баги. Зачастую при тестировании забывают, что небезопасно могут обрабатываться не только Get/Post/Cookie параметры, но и Request-URI /...

6.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/01/17 12:0 a.m.41 views

Scientific Linux Security Update : httpd on SL5.x i386/x86_64 (20130108)

Input sanitization flaws were found in the modnegotiation module. A remote attacker able to upload or create files with arbitrary names in a directory that has the MultiViews options enabled, could use these flaws to conduct cross-site scripting and HTTP response splitting attacks against users...

4.3CVSS7.4AI score0.6477EPSS
Exploits4References4
Cent OS
Cent OS
added 2013/01/09 8:52 p.m.110 views

httpd, mod_ssl security update

CentOS Errata and Security Advisory CESA-2013:0130 Updated httpd packages that fix multiple security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common...

4.3CVSS7AI score0.6477EPSS
Exploits4References7
RedHat Linux
RedHat Linux
added 2013/01/08 4:30 a.m.64 views

Low: Red Hat Security Advisory: httpd security, bug fix, and enhancement update

Updated httpd packages that fix multiple security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which give...

4.3CVSS7AI score0.6477EPSS
Exploits4References10
NVD
NVD
added 2012/12/05 5:55 p.m.30 views

CVE-2011-2732

CRLF injection vulnerability in the logout functionality in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the spring-security-redirect parameter...

4.3CVSS6.9AI score0.04608EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2012/12/05 5:55 p.m.32 views

CVE-2011-2732

CRLF injection vulnerability in the logout functionality in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the spring-security-redirect parameter...

4.3CVSS6AI score0.04608EPSS
Exploits1References3
Prion
Prion
added 2012/12/05 5:55 p.m.22 views

Crlf injection

CRLF injection vulnerability in the logout functionality in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the spring-security-redirect parameter...

4.3CVSS7.3AI score0.04608EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2012/12/05 5:0 p.m.33 views

CVE-2011-2732

CRLF injection vulnerability in the logout functionality in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the spring-security-redirect parameter...

6.8AI score0.04608EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2012/11/29 12:0 a.m.9 views

BugTracker.NET Multiple Security Vulnerabilities

BugTracker.NET is prone to SQL injection or XSS or file disclosure or HTTP response splitting vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...

7.6AI score
Exploits0References6
NVD
NVD
added 2012/11/08 11:46 a.m.11 views

CVE-2012-4023

CRLF injection vulnerability in Pebble before 2.6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

4.3CVSS7AI score0.01168EPSS
Exploits0References3
Prion
Prion
added 2012/11/08 11:46 a.m.11 views

Crlf injection

CRLF injection vulnerability in Pebble before 2.6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

4.3CVSS7.4AI score0.01168EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2012/11/08 11:0 a.m.19 views

CVE-2012-4023

CRLF injection vulnerability in Pebble before 2.6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

7AI score0.01168EPSS
Exploits0References3
CVE
CVE
added 2012/11/08 11:0 a.m.42 views

CVE-2012-4023

Pebble (open source weblog system) is vulnerable to a CRLF/HTTP header injection in versions prior to 2.6.4. The issue allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via unspecified vectors, potentially forging content displayed to the user, executing...

4.3CVSS7.1AI score0.01168EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2012/10/26 12:0 a.m.71 views

MS Forefront Unified Access Gateway Remote Code Execution Vulnerabilities (2544641)

This host is missing an important security update according to Microsoft Bulletin MS11-079. OpenVAS Vulnerability Test $Id: secpodms11-079.nasl 5958 2017-04-17 09:02:19Z teissa $ MS Forefront Unified Access Gateway Remote Code Execution Vulnerabilities 2544641 Authors: Madhuri D Copyright:...

9.3CVSS0.5AI score0.17309EPSS
Exploits4References6
OpenVAS
OpenVAS
added 2012/10/26 12:0 a.m.15 views

Microsoft Forefront Unified Access Gateway Remote Code Execution Vulnerabilities (2544641)

This host is missing an important security update according to Microsoft Bulletin MS11-079. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.3CVSS4.9AI score0.17309EPSS
Exploits4References10
Rows per page
Query Builder