
2442 matches found

Exploit DB
added 2012/06/05 12:0 a.m., 36 views

pyrocms 2.1.1 - Multiple Vulnerabilities

PyroCMS 2.1.1 CRLF Injection And Stored XSS Vulnerability. Vendor: HappyNinjas Ltd. Product web page: http://www.pyrocms.com. Affected version: 2.1.1 Community. Summary: PyroCMS is a CMS built using the CodeIgniter PHP framework. Using an MVC architecture it was built with modularity in mind...

7.4 AI score
Exploits: 0

0day.today
added 2012/06/04 12:0 a.m., 33 views

PyroCMS 2.1.1 CRLF Injection / Stored Cross Site Scripting

Exploit for php platform in category web applications. PyroCMS 2.1.1 CRLF Injection And Stored XSS Vulnerability. Vendor: HappyNinjas Ltd. Product web page: http://www.pyrocms.com. Affected version: 2.1.1 Community. Summary: PyroCMS is a CMS built using the CodeIgniter PHP framework. Using an MVC...

7.1 AI score
Exploits: 0

Packet Storm
added 2012/06/04 12:0 a.m., 27 views

PyroCMS 2.1.1 CRLF Injection / Stored Cross Site Scripting

PyroCMS 2.1.1 CRLF Injection And Stored XSS Vulnerability. Vendor: HappyNinjas Ltd. Product web page: http://www.pyrocms.com. Affected version: 2.1.1 Community. Summary: PyroCMS is a CMS built using the CodeIgniter PHP framework. Using an MVC architecture it was built with modularity in mind...

0.3 AI score
Exploits: 0

Tenable Nessus
added 2012/06/04 12:0 a.m., 49 views

Tornado < 2.2.1 HTTP Response Splitting

According to its banner, the version of Tornado installed on the remote host is older than 2.2.1. As such, it may be affected by an HTTP response splitting vulnerability that may allow an unauthenticated, remote attacker to forge responses from a trusted server. C Tenable Network Security, Inc...

5 CVSS, 5.5 AI score, 0.01362 EPSS
Exploits: 0, References: 4

Zero Science Lab
added 2012/06/04 12:0 a.m., 54 views

PyroCMS 2.1.1 CRLF Injection And Stored XSS Vulnerability

Summary: PyroCMS is a CMS built using the CodeIgniter PHP framework. Using an MVC architecture it was built with modularity in mind. Lightweight, themeable and dynamic. Description: PyroCMS suffers from a stored XSS and HTTP Response Splitting vulnerability when parsing user input to the 'title' an...

6.1 AI score
Exploits: 0

NVD
added 2012/05/27 8:55 p.m., 34 views

CVE-2012-2943

CRLF injection vulnerability in cryptographp.inc.php in Cryptographp allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the cfg parameter...

5 CVSS, 6.3 AI score, 0.01992 EPSS
Exploits: 0, References: 3

Cvelist
added 2012/05/27 8:0 p.m., 31 views

CVE-2012-2943

CRLF injection vulnerability in cryptographp.inc.php in Cryptographp allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the cfg parameter...

6.3 AI score, 0.01992 EPSS
Exploits: 0, References: 3

CVE
added 2012/05/27 8:0 p.m., 74 views

CVE-2012-2943

CVE-2012-2943 describes a CRLF injection in Cryptographp’s cryptographp.inc.php, exploitable via the cfg parameter to inject arbitrary HTTP headers and enable HTTP response splitting. Connected documents tie this to Monstra CMS 3.0.4 as a related issue (through CVE-2018-16979), but explicit fixes...

5 CVSS, 6.2 AI score, 0.01992 EPSS
Exploits: 0, References: 3, Affected Software: 1

NVD
added 2012/05/23 8:55 p.m., 7 views

CVE-2012-2374

CRLF injection vulnerability in the tornado.web.RequestHandler.set_header function in Tornado before 2.2.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input...

5 CVSS, 6.7 AI score, 0.01362 EPSS
Exploits: 0, References: 5

OSV
added 2012/05/23 8:55 p.m., 3 views

CVE-2012-2374

CRLF injection vulnerability in the tornado.web.RequestHandler.set_header function in Tornado before 2.2.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input...

6.7 AI score
Exploits: 0, References: 5

Prion
added 2012/05/23 8:55 p.m., 7 views

Crlf injection

CRLF injection vulnerability in the tornado.web.RequestHandler.set_header function in Tornado before 2.2.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input...

5 CVSS, 7.3 AI score, 0.01362 EPSS
Exploits: 0, References: 5, Affected Software: 1

UbuntuCve
added 2012/05/23 8:55 p.m., 15 views

CVE-2012-2374

CRLF injection vulnerability in the tornado.web.RequestHandler.set_header function in Tornado before 2.2.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input...

5 CVSS, 5.9 AI score, 0.01362 EPSS
Exploits: 0, References: 3

OSV
added 2012/05/23 8:55 p.m., 14 views

PYSEC-2012-5

CRLF injection vulnerability in the tornado.web.RequestHandler.set_header function in Tornado before 2.2.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input...

5 CVSS, 5.3 AI score, 0.01362 EPSS
Exploits: 0, References: 6

Cvelist
added 2012/05/23 8:0 p.m., 30 views

CVE-2012-2374

CRLF injection vulnerability in the tornado.web.RequestHandler.set_header function in Tornado before 2.2.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input...

6.6 AI score, 0.01362 EPSS
Exploits: 0, References: 5

Debian CVE
added 2012/05/23 8:0 p.m., 19 views

CVE-2012-2374

CRLF injection vulnerability in the tornado.web.RequestHandler.set_header function in Tornado before 2.2.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input...

5 CVSS, 6.9 AI score, 0.01362 EPSS
Exploits: 0

Packet Storm
added 2012/05/18 12:0 a.m., 18 views

Cryptographp Local File Inclusion / HTTP Response Splitting

During a security assessment, I’ve found that my target was using Cryptographp, which is a PHP script used to generate « captchas ». It was easily noticeable when I found the following URL: http://WWWW/cryptographp.inc.php?cfg=XX&sn=YYYY&ZZZZ So I've decided to take a look at the source code a...

7.4 AI score
Exploits: 0

0day.today
added 2012/05/18 12:0 a.m., 19 views

Cryptographp Local File Inclusion / HTTP Response Splitting

Exploit for php platform in category web applications. During a security assessment, I’ve found that my target was using Cryptographp, which is a PHP script used to generate « captchas ». It was easily noticeable when I found the following URL: http://WWWW/cryptographp.inc.php?cfg=XX&sn=YYYY&ZZ...

7.1 AI score
Exploits: 0

myhack58
added 2012/05/17 12:0 a.m., 30 views

HTTP Protocol header injection vulnerability - vulnerability warning - the black bar safety net

Including unverified data in HTTP response headers will lead to cache poisoning, cross-site scripting, cross-user defacement, page hijacking, cookie manipulation or open redirect. HTTP Protocol header injection vulnerability principles: The following cases will appear in the HTTP Protocol header...

0.3 AI score
Exploits: 0

Check Point Advisories
added 2012/05/14 12:0 a.m., 2 views

Mozilla Multiple Products Multiple Location Headers CRLF Injection (CVE-2011-3000)

An HTTP response splitting vulnerability has been reported in Mozilla Firefox, Thunderbird and SeaMonkey...

9.1 AI score, 0.02018 EPSS
Exploits: 0

Cisco
added 2012/05/10 8:50 p.m., 42 views

CiscoWorks Prime LAN Management Solution CRLF Injection and HTTP Response Splitting Vulnerability

Cisco Prime LAN Management Solution versions prior to 4.2 contain a vulnerability that could allow an unauthenticated, remote attacker to inject arbitrary code and conduct HTTP response-splitting attacks on a targeted system. The vulnerability exists because the affected software improperly...

4.3 CVSS, 7 AI score, 0.01168 EPSS
Exploits: 0, References: 1