Lucene search

2442 matches found

0day.today
added 2009/06/15 12:00 a.m., 21 views

FormMail 1.92 Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications. FormMail 1.92 Multiple Remote Vulnerabilities. FormMail 1.92 Multiple Vulnerabilities. Name: Multiple Vulnerabilities in FormMail; Systems Affected...

7.1 AI score
Exploits: 0

exploitpack
added 2009/06/15 12:00 a.m., 21 views

formmail 1.92 - Multiple Vulnerabilities

formmail 1.92 - Multiple Vulnerabilities. FormMail 1.92 Multiple Vulnerabilities. Name: Multiple Vulnerabilities in FormMail; Systems Affected: FormMail 1.92 and possibly earlier versions; Severity: Medium; Impact: CVSSv2 Medium 4.3/10, vector: AV:N/AC:M/Au:N/C:P/I:N/A:N; Vendor...

0.2 AI score
Exploits: 0

OpenVAS
added 2009/05/28 12:00 a.m., 31 views

Cacti Multiple Input Validation Vulnerabilities

Cacti is prone to multiple unspecified input-validation vulnerabilities, including: - Multiple cross-site scripting vulnerabilities - Multiple SQL-injection vulnerabilities - An HTTP response-splitting vulnerability. Attackers may exploit these vulnerabilities to influence or misrepresent how web...

7.5 CVSS, 0.4 AI score, 0.05246 EPSS
Exploits: 3, References: 1

OpenVAS
added 2009/05/28 12:00 a.m., 21 views

Cacti < 0.8.7b Multiple Input Validation Vulnerabilities

Cacti is prone to multiple unspecified input-validation vulnerabilities. Copyright (C) 2009 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is fre...

6.4 AI score
Exploits: 0, References: 1

Prion
added 2009/05/22 8:30 p.m., 14 views

Crlf injection

CRLF injection vulnerability in FormMail.pl in Matt Wright FormMail 1.92, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the redirect parameter...

5 CVSS, 7.5 AI score, 0.01972 EPSS
Exploits: 1, References: 4, Affected Software: 1

NVD
added 2009/05/22 8:30 p.m., 12 views

CVE-2009-1777

CRLF injection vulnerability in FormMail.pl in Matt Wright FormMail 1.92, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the redirect parameter...

5 CVSS, 7 AI score, 0.01972 EPSS
Exploits: 1, References: 4

Cvelist
added 2009/05/22 8:00 p.m., 16 views

CVE-2009-1777

CRLF injection vulnerability in FormMail.pl in Matt Wright FormMail 1.92, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the redirect parameter...

7 AI score, 0.01972 EPSS
Exploits: 1, References: 4

CVE
added 2009/05/22 8:00 p.m., 47 views

CVE-2009-1777

CVE-2009-1777 : CRLF injection vulnerability in Matt Wright FormMail 1.92 (and possibly earlier) allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via the redirect parameter. The vulnerability arises from insufficient input sanitization in FormMail.pl, e...

5 CVSS, 7.3 AI score, 0.01972 EPSS
Exploits: 1, References: 4, Affected Software: 1

securityvulns
added 2009/05/18 12:00 a.m., 27 views

Multiple vulnerabilities in YaBook

Hello 3APA3A! I am informing you of the SQL Injection, Redirector, HTTP Response Splitting, Information Leakage and Full path disclosure vulnerabilities that I found in YaBook. SQL Injection: http://site/guestbook/index.php?action=jump&id=-120union20select20version Redirector via SQL Injection:...

7.7 AI score
Exploits: 0

OpenVAS
added 2009/05/14 12:00 a.m., 26 views

Matt Wright FormMail HTTP Response Splitting and XSS Vulnerabilities

FormMail is prone to an HTTP response splitting vulnerability and multiple cross-site scripting (XSS) vulnerabilities because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are...

4.3 CVSS, 5.9 AI score, 0.01462 EPSS
Exploits: 0, References: 1

Packet Storm
added 2009/05/13 12:00 a.m., 25 views

FormMail 1.92 XSS / HTTP Response Splitting

FormMail 1.92 Multiple Vulnerabilities. Name: Multiple Vulnerabilities in FormMail; Systems Affected: FormMail 1.92 and possibly earlier versions; Severity: Medium; Impact: CVSSv2 Medium 4.3/10, vector: AV:N/AC:M/Au:N/C:P/I:N/A:N; Vendor: http://www.scriptarchive.com/formmail.html; Advisory...

7.4 AI score
Exploits: 0

securityvulns
added 2009/05/12 12:00 a.m., 49 views

FormMail 1.92 Multiple Vulnerabilities

FormMail 1.92 Multiple Vulnerabilities. Name: Multiple Vulnerabilities in FormMail; Systems Affected: FormMail 1.92 and possibly earlier versions; Severity: Medium; Impact: CVSSv2 Medium 4.3/10, vector: AV:N/AC:M/Au:N/C:P/I:N/A:N; Vendor: http://www.scriptarchive.com/formmail.html; Advisory...

6.3 AI score
Exploits: 0

Prion
added 2009/05/08 6:30 p.m., 15 views

Crlf injection

CRLF injection vulnerability in CGI RESCUE Web Mailer before 1.04 allows remote attackers to inject arbitrary HTTP headers, and conduct cross-site scripting (XSS) or HTTP response splitting attacks, via CRLF sequences in an unspecified web form...

4.3 CVSS, 6.3 AI score, 0.01065 EPSS
Exploits: 0, References: 5, Affected Software: 1

CVE
added 2009/05/08 6:00 p.m., 42 views

CVE-2009-1591

CVE-2009-1591 affects CGI RESCUE Web Mailer prior to 1.04, where CRLF sequences in an unspecified web form enable HTTP header injection, enabling cross-site scripting (XSS) or HTTP response splitting. Public documentation consistently identifies Web Mailer v1.03 and earlier as affected. The under...

4.3 CVSS, 6.3 AI score, 0.01065 EPSS
Exploits: 0, References: 5, Affected Software: 1

Japan Vulnerability Notes
added 2009/04/27 12:00 a.m., 40 views

JVN#28020230 Web Mailer from CGI RESCUE vulnerable to HTTP header injection

Web Mailer from CGI RESCUE is software that sends emails with contents that are input into an HTML form. Web Mailer contains an HTTP header injection vulnerability. Impact: Falsified information may be displayed or an arbitrary script may be executed on the user's web browser. HTTP response...

4.3 CVSS, 6.5 AI score, 0.01065 EPSS
Exploits: 0

NVD
added 2009/04/23 5:30 p.m., 17 views

CVE-2009-1357

CRLF injection vulnerability in da/DA/Login in Sun Java System Delegated Administrator 6.2 through 6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the HELPPAGE parameter...

6.8 CVSS, 6.9 AI score, 0.07183 EPSS
Exploits: 2, References: 11

Prion
added 2009/04/23 5:30 p.m., 18 views

Crlf injection

CRLF injection vulnerability in da/DA/Login in Sun Java System Delegated Administrator 6.2 through 6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the HELPPAGE parameter...

6.8 CVSS, 7.3 AI score, 0.07183 EPSS
Exploits: 2, References: 11, Affected Software: 1

Cvelist
added 2009/04/23 5:00 p.m., 29 views

CVE-2009-1357

CRLF injection vulnerability in da/DA/Login in Sun Java System Delegated Administrator 6.2 through 6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the HELPPAGE parameter...

6.8 AI score, 0.07183 EPSS
Exploits: 2, References: 11

securityvulns
added 2009/04/23 12:00 a.m., 66 views

CORE-2009-0114 - HTTP Response Splitting vulnerability in Sun Delegated Administrator

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ HTTP Response Splitting vulnerability in Sun Delegated Administrator 1. Advisory Information Title: HTTP Response Splitting vulnerability in Sun Delegated Administrat...

6.8 CVSS, 0.07183 EPSS
Exploits: 2

Packet Storm
added 2009/04/22 12:00 a.m., 58 views

Core Security Technologies Advisory 2009.0114

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ HTTP Response Splitting vulnerability in Sun Delegated Administrator 1. Advisory Information Title: HTTP Response Splitting vulnerability in Sun Delegated Administrat...

6.8 CVSS, 0.7 AI score, 0.07183 EPSS
Exploits: 2