Lucene search
K

2442 matches found

Packet Storm
Packet Storm
added 2010/12/22 12:0 a.m.26 views

Social Share 2010-06-05 HTTP Response Splitting

www.eVuln.com advisory: HTTP Response Splitting in Social Share Summary: http://evuln.com/vulns/168/summary.html Details: http://evuln.com/vulns/168/description.html -----------Summary----------- eVuln ID: EV0168 Software: Social Share Vendor: n/a Version: 2010-06-05 Critical Level: low Type: HTT...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/12/13 12:0 a.m.224 views

Oracle iPlanet Web Server 7.0.x < 7.0.9 Multiple Vulnerabilities

According to its self-reported version, the Oracle iPlanet Web Server formerly known as Sun Java System Web Server running on the remote host is 7.0.x prior to 7.0.9. It is, therefore, affected by multiple vulnerabilities : - An unspecified file disclosure vulnerability exists in the WebDAV...

5.8CVSS5.7AI score0.04485EPSS
Exploits0References6
securityvulns
securityvulns
added 2010/12/12 12:0 a.m.167 views

www.eVuln.com : HTTP Response Splitting in WWWThreads &#40;php version&#41;

www.eVuln.com advisory: HTTP Response Splitting in WWWThreads php version Summary: http://evuln.com/vulns/156/summary.html Details: http://evuln.com/vulns/156/description.html -----------Summary----------- eVuln ID: EV0156 Software: n/a Vendor: WWWThreads Version: 2006.11.25 Critical Level: low...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2010/12/10 12:0 a.m.19 views

Social Share - vote.php HTTP Response Splitting

Social Share - vote.php HTTP Response Splitting source: https://www.securityfocus.com/bid/45550/info Social Share is prone to an HTTP response-splitting vulnerability because it fails to sufficiently sanitize user-supplied data. Attackers can leverage this issue to influence or misrepresent how w...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2010/12/10 12:0 a.m.20 views

Social Share - &#039;vote.php&#039; HTTP Response Splitting

source: https://www.securityfocus.com/bid/45550/info Social Share is prone to an HTTP response-splitting vulnerability because it fails to sufficiently sanitize user-supplied data. Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. Th...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2010/12/08 12:0 a.m.21 views

WWWThreads HTTP Response Splitting

www.eVuln.com advisory: HTTP Response Splitting in WWWThreads php version Summary: http://evuln.com/vulns/156/summary.html Details: http://evuln.com/vulns/156/description.html -----------Summary----------- eVuln ID: EV0156 Software: n/a Vendor: WWWThreads Version: 2006.11.25 Critical Level: low...

7.4AI score
Exploits0
OSV
OSV
added 2010/12/06 8:13 p.m.6 views

CVE-2010-4410

CRLF injection vulnerability in the header function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline...

6.8AI score
Exploits0References24
OSV
OSV
added 2010/12/06 8:13 p.m.6 views

CVE-2010-4411

Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761...

6.7AI score
Exploits0References15
NVD
NVD
added 2010/12/06 8:13 p.m.24 views

CVE-2010-4410

CRLF injection vulnerability in the header function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline...

4.3CVSS9AI score0.02045EPSS
Exploits0References24
Prion
Prion
added 2010/12/06 8:13 p.m.24 views

Crlf injection

CRLF injection vulnerability in the header function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline...

4.3CVSS6.9AI score0.02713EPSS
Exploits0References24Affected Software2
NVD
NVD
added 2010/12/06 8:12 p.m.26 views

CVE-2010-2761

The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...

4.3CVSS9.1AI score0.02713EPSS
Exploits0References35
OSV
OSV
added 2010/12/06 8:12 p.m.9 views

CVE-2010-2761

The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...

6.6AI score
Exploits0References35
Cvelist
Cvelist
added 2010/12/06 8:0 p.m.24 views

CVE-2010-2761

The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...

9.2AI score0.02713EPSS
Exploits0References35
CVE
CVE
added 2010/12/06 8:0 p.m.97 views

CVE-2010-2761

CVE-2010-2761 affects CGI.pm (before 3.50) and CGI::Simple (CGI::Simple 1.112 and earlier). The multipart_init function uses a hardcoded MIME boundary in multipart/x-mixed-replace, enabling remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via crafted input. Re...

4.3CVSS9AI score0.02713EPSS
Exploits0References35Affected Software2
Debian CVE
Debian CVE
added 2010/12/06 8:0 p.m.32 views

CVE-2010-4411

Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761...

4.3CVSS9.4AI score0.02579EPSS
Exploits0
Debian CVE
Debian CVE
added 2010/12/06 8:0 p.m.35 views

CVE-2010-4410

CRLF injection vulnerability in the header function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline...

4.3CVSS9.2AI score0.02045EPSS
Exploits0
CVE
CVE
added 2010/12/06 8:0 p.m.87 views

CVE-2010-4410

CGI.pm (before 3.50) and CGI::Simple (1.112 and earlier) expose a CRLF injection in the header function that allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via non-whitespace characters that follow newline characters. This is a separate issue from CVE...

4.3CVSS8.9AI score0.02045EPSS
Exploits0References24Affected Software2
Debian CVE
Debian CVE
added 2010/12/06 8:0 p.m.34 views

CVE-2010-2761

The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...

4.3CVSS9.2AI score0.02713EPSS
Exploits0
Cvelist
Cvelist
added 2010/12/06 8:0 p.m.28 views

CVE-2010-4410

CRLF injection vulnerability in the header function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline...

9.1AI score0.02045EPSS
Exploits0References24
CVE
CVE
added 2010/12/06 8:0 p.m.71 views

CVE-2010-4411

CVE-2010-4411 affects CGI.pm (and CGI::Simple) up to version 3.50 and earlier, allowing remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via unknown vectors. The description notes this issue exists because of an incomplete fix for CVE-2010-2761, linking the tw...

4.3CVSS9.1AI score0.02579EPSS
Exploits0References15Affected Software1
Rows per page
Query Builder