Lucene search

2442 matches found

myhack58
added 2009/11/29 12:00 a.m., 41 views

PHP vulnerability full solution-vulnerability warning-the black bar safety net

PHP web page security issues. For PHP websites, the following types of attacks mainly exist: 1. Command injection (Command Injection) 2. Eval injection (Eval Injection) 3. Client script attacks (Script Insertion) 4. Cross-site scripting attacks (Cross Site Scripting, XSS) 5. SQL injection attacks (SQL injection)...

0.4 AI score
Exploits: 0

CVE
added 2009/11/27 8:45 p.m., 57 views

CVE-2009-4086

CVE-2009-4086 relates to a CRLF injection vulnerability in the Xerver HTTP Server, specifically versions 4.31 and 4.32. The issue allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting by sending certain byte sequences at the end of a URL. Public references ...

5 CVSS, 6.8 AI score, 0.04765 EPSS
Exploits: 1, References: 4, Affected Software: 1

Cvelist
added 2009/11/27 8:45 p.m., 25 views

CVE-2009-4086

CRLF injection vulnerability in Xerver HTTP Server 4.31 and 4.32 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via certain byte sequences at the end of a URL. NOTE: some of these details are obtained from third party information...

6.8 AI score, 0.04765 EPSS
Exploits: 1, References: 4

securityvulns
added 2009/11/25 12:00 a.m., 34 views

Vulnerabilities in plugins for WordPress

Hello Bugtraq! I want to tell you about different vulnerabilities in plugins for WordPress. About some of them there were posts to the list earlier. This August I made a summary about all vulnerabilities in plugins for WordPress http://websecurity.com.ua/3397/, which I found during 2006-2009. In...

0.5 AI score
Exploits: 0

Tenable Nessus
added 2009/11/25 12:00 a.m., 46 views

Xerver HTTP Response Splitting

The version of Xerver running on the remote host has an HTTP response splitting vulnerability due to its failure to sanitize specially encoded carriage return and newline characters. A remote attacker could exploit this by tricking a user into requesting a maliciously crafted URL, resulting in th...

5 CVSS, 5.7 AI score, 0.04765 EPSS
Exploits: 1, References: 2

OpenVAS
added 2009/11/20 12:00 a.m., 30 views

Xerver HTTP Response Splitting Vulnerability

Xerver is prone to an HTTP response-splitting vulnerability because it fails to sufficiently sanitize user-supplied data. Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client...

5 CVSS, 6.5 AI score, 0.04765 EPSS
Exploits: 1, References: 2

Packet Storm
added 2009/11/19 12:00 a.m., 20 views

Xerver 4.31, 4.32 HTTP Response Splitting

Discovered: 04-10-08 By: SecureState R&D Team - sasquatch Vendor Notified: 04-11-08 Vendor Response: 04-13-08 Vendor Notified: 10-07-09 Vendor Response: NONE Published: 11-18-09 Proof of Concept:...

7.4 AI score
Exploits: 0

RedHat Linux
added 2009/11/18 12:47 p.m., 2 views

cups: Several XSS flaws in forms processed by CUPS web interface

The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTTP response splitting attacks via vectors related to a...

4.3 CVSS, 5.7 AI score, 0.0578 EPSS
Exploits: 5, References: 4

exploitpack
added 2009/11/18 12:00 a.m., 7 views

Xerver 4.31/4.32 - HTTP Response Splitting

Xerver 4.31/4.32 - HTTP Response Splitting Xerver 4.31, 4.32 HTTP Response Splitting Discovered: 04-10-08 By: SecureState R&D Team - sasquatch Vendor Notified: 04-11-08 Vendor Response: 04-13-08 New version also vulnerable: 10-07-09 Tested Win32 v4.32 Vendor Notified: 10-07-09 Vendor Response: NON...

7.4 AI score
Exploits: 0

0day.today
added 2009/11/18 12:00 a.m., 15 views

Xerver 4.31, 4.32 HTTP Response Splitting

Exploit for unknown platform in category web applications. Xerver 4.31, 4.32 HTTP Response Splitting Discovered: 04-10-08 By: SecureState R&D Team - sasquatch Vendor...

6.7 AI score
Exploits: 0

seebug.org
added 2009/11/18 12:00 a.m., 13 views

Xerver 4.31 4.32 HTTP Response Splitting

No description provided by source. Xerver 4.31, 4.32 HTTP Response Splitting Discovered: 04-10-08 By: SecureState R&D Team - sasquatch Vendor Notified: 04-11-08 Vendor Response: 04-13-08 New version also vulnerable: 10-07-09 Tested Win32 v4.32 Vendor Notified: 10-07-09 Vendor Response: NONE...

6.7 AI score
Exploits: 0

Exploit DB
added 2009/11/18 12:00 a.m., 34 views

Xerver 4.31/4.32 - HTTP Response Splitting

Xerver 4.31, 4.32 HTTP Response Splitting Discovered: 04-10-08 By: SecureState R&D Team - sasquatch Vendor Notified: 04-11-08 Vendor Response: 04-13-08 New version also vulnerable: 10-07-09 Tested Win32 v4.32 Vendor Notified: 10-07-09 Vendor Response: NONE Published: 11-18-09 Proof of Concept:...

7 AI score
Exploits: 0

NVD
added 2009/11/10 7:30 p.m., 26 views

CVE-2009-2820

The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTTP response splitting attacks via vectors related to a...

4.3 CVSS, 6.7 AI score, 0.0578 EPSS
Exploits: 5, References: 15

OSV
added 2009/11/10 7:30 p.m., 2 views

CVE-2009-2820

The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTTP response splitting attacks via vectors related to a...

6.6 AI score
Exploits: 0, References: 16

Prion
added 2009/11/10 7:30 p.m., 19 views

Cross site scripting

The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTTP response splitting attacks via vectors related to a...

4.3 CVSS, 5.2 AI score, 0.0578 EPSS
Exploits: 5, References: 15, Affected Software: 2

Cvelist
added 2009/11/10 7:00 p.m., 21 views

CVE-2009-2820

The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTTP response splitting attacks via vectors related to a...

6.8 AI score, 0.0578 EPSS
Exploits: 5, References: 15

CVE
added 2009/11/10 7:00 p.m., 94 views

CVE-2009-2820

CVE-2009-2820 affects CUPS (web interface) prior to 1.4.2 on macOS X

4.3 CVSS, 6.8 AI score, 0.0578 EPSS
Exploits: 5, References: 15, Affected Software: 1

Debian CVE
added 2009/11/10 7:00 p.m., 29 views

CVE-2009-2820

The web interface in CUPS before 1.4.2, as used on Apple Mac OS X before 10.6.2 and other platforms, does not properly handle (1) HTTP headers and (2) HTML templates, which allows remote attackers to conduct cross-site scripting (XSS) attacks and HTTP response splitting attacks via vectors related to a...

4.3 CVSS, 6.9 AI score, 0.0578 EPSS
Exploits: 5

ThreatPost
added 2009/11/09 10:22 p.m., 8 views

Apple Plugs 58 Holes in Monster Mac OS X Update

Apple has dropped another mega-patch to cover a total of 58 documented vulnerabilities affecting the Mac OS X ecosystem. The majority of the flaws could allow a remote attacker to gain complete control of an unpatched system, meaning that this update carries an “extremely critical rating.” It...

0.8 AI score
Exploits: 0, References: 1

Tenable Nessus
added 2009/08/24 12:00 a.m., 37 views

RHEL 3 / 4 / 5 : flash-plugin (RHSA-2007:1126)

An updated Adobe Flash Player package that fixes a security issue is now available for Red Hat Enterprise Linux 3 Extras, 4 Extras, and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. The flash-plugin package contains a...

9.3 CVSS, 5.8 AI score, 0.30065 EPSS
Exploits: 4, References: 18