
2442 matches found

Core Security
added 2009/04/21 12:0 a.m., 28 views

HTTP Response Splitting vulnerability in Sun Delegated Administrator

Advisory ID Internal CORE-2009-0114 1. Advisory Information Title: HTTP Response Splitting vulnerability in Sun Delegated Administrator Advisory ID: CORE-2009-0114 Date published: 2009-04-21 Date of last update: 2009-04-21 Vendors contacted: Sun Microsystems Release mode: Coordinated release 2...

6.8 CVSS, 6.2 AI score, 0.07183 EPSS
Exploits: 2

exploitpack
added 2009/04/21 12:0 a.m., 14 views

Sun Java System Delegated Administrator 6.x - HTTP Response Splitting

Sun Java System Delegated Administrator 6.x - HTTP Response Splitting source: https://www.securityfocus.com/bid/34643/info Sun Java System Delegated Administrator is prone to an HTTP response-splitting vulnerability because it fails to sufficiently sanitize user-supplied data. Attackers can...

Exploits: 0

Exploit DB
added 2009/04/21 12:0 a.m., 23 views

Sun Java System Delegated Administrator 6.x - HTTP Response Splitting

source: https://www.securityfocus.com/bid/34643/info Sun Java System Delegated Administrator is prone to an HTTP response-splitting vulnerability because it fails to sufficiently sanitize user-supplied data. Attackers can leverage this issue to influence or misrepresent how web content is served,...

7 AI score
Exploits: 0

OpenVAS
added 2009/04/09 12:0 a.m., 22 views

Mandriva Update for mono MDVSA-2008:210-1 (mono)

Check for the Version of mono OpenVAS Vulnerability Test Mandriva Update for mono MDVSA-2008:210-1 mono Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

4.3 CVSS, 6.4 AI score, 0.07102 EPSS
Exploits: 1, References: 2

OpenVAS
added 2009/04/09 12:0 a.m., 19 views

Mandriva Update for mono MDVSA-2008:210 (mono)

Check for the Version of mono OpenVAS Vulnerability Test Mandriva Update for mono MDVSA-2008:210 mono Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

4.3 CVSS, 6.4 AI score, 0.07102 EPSS
Exploits: 1, References: 2

OpenVAS
added 2009/03/31 12:0 a.m., 30 views

Fedora Core 9 FEDORA-2009-2984 (phpMyAdmin)

The remote host is missing an update to phpMyAdmin announced via advisory FEDORA-2009-2984. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by...

9.8 CVSS, 9.6 AI score, 0.95438 EPSS
Exploits: 16, References: 7

OpenVAS
added 2009/03/31 12:0 a.m., 33 views

Fedora Core 10 FEDORA-2009-3006 (phpMyAdmin)

The remote host is missing an update to phpMyAdmin announced via advisory FEDORA-2009-3006. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by...

9.8 CVSS, 9.6 AI score, 0.95438 EPSS
Exploits: 16, References: 7

Tenable Nessus
added 2009/03/27 12:0 a.m., 15 views

Fedora 9 : phpMyAdmin-3.1.3.1-1.fc9 (2009-2984)

Improvements for 3.1.3.1: - security HTTP Response Splitting and file inclusion vulnerabilities - security XSS vulnerability on export page - security Insufficient output sanitizing when generating configuration file Note that Tenable Network Security has extracted the preceding description block...

5.4 AI score
Exploits: 0, References: 2

Prion
added 2009/03/26 2:30 p.m., 16 views

Crlf injection

CRLF injection vulnerability in bsdispasmimetype.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the (1) ctype and possibly (2) filetype parameters...

7.5 CVSS, 7.4 AI score, 0.01433 EPSS
Exploits: 0, References: 5, Affected Software: 1

OSV
added 2009/03/26 2:30 p.m., 4 views

CVE-2009-1149

CRLF injection vulnerability in bsdispasmimetype.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the (1) ctype and possibly (2) filetype parameters...

6.8 AI score
Exploits: 0, References: 6

Debian CVE
added 2009/03/26 2:0 p.m., 30 views

CVE-2009-1149

CRLF injection vulnerability in bsdispasmimetype.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the (1) ctype and possibly (2) filetype parameters...

7.5 CVSS, 7 AI score, 0.01433 EPSS
Exploits: 0

OpenVAS
added 2009/03/26 12:0 a.m., 31 views

phpMyAdmin BLOB Streaming Multiple Input Validation Vulnerabilities

phpMyAdmin is prone to multiple input-validation vulnerabilities, including an HTTP response-splitting vulnerability and a local file-include vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the...

7.5 CVSS, 7.5 AI score, 0.01586 EPSS
Exploits: 0, References: 1

NVD
added 2009/03/10 2:30 p.m., 14 views

CVE-2009-0868

CRLF injection vulnerability in the WebLink template in Fujitsu Jasmine2000 Enterprise Edition allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

6.8 CVSS, 6.9 AI score, 0.01868 EPSS
Exploits: 0, References: 4

Cvelist
added 2009/03/10 2:0 p.m., 17 views

CVE-2009-0868

CRLF injection vulnerability in the WebLink template in Fujitsu Jasmine2000 Enterprise Edition allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

6.9 AI score, 0.01868 EPSS
Exploits: 0, References: 4

exploitpack
added 2009/02/26 12:0 a.m., 10 views

APC PowerChute Network Shutdown - HTTP Response Splitting Cross-Site Scripting

APC PowerChute Network Shutdown - HTTP Response Splitting Cross-Site Scripting source: https://www.securityfocus.com/bid/33924/info APC PowerChute Network Shutdown is prone to an HTTP-response-splitting vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize...

6.8 AI score
Exploits: 0

Exploit DB
added 2009/02/26 12:0 a.m., 35 views

APC PowerChute Network Shutdown - HTTP Response Splitting / Cross-Site Scripting

source: https://www.securityfocus.com/bid/33924/info APC PowerChute Network Shutdown is prone to an HTTP-response-splitting vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...

7.4 AI score
Exploits: 0

securityvulns
added 2009/02/18 12:0 a.m., 33 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. Relay: HTTP response splitting, SQL injection, directory traversal...

0.1 AI score
Exploits: 0, References: 2, Affected Software: 2

Prion
added 2009/02/11 5:30 p.m., 14 views

Crlf injection

CRLF injection vulnerability in SocialEngine SE 2.7 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the PHPSESSID cookie...

7.5 CVSS, 7.5 AI score, 0.01345 EPSS
Exploits: 0, References: 3, Affected Software: 1

Cvelist
added 2009/02/11 5:25 p.m., 19 views

CVE-2008-6121

CRLF injection vulnerability in SocialEngine SE 2.7 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the PHPSESSID cookie...

7 AI score, 0.01345 EPSS
Exploits: 0, References: 3

CVE
added 2009/02/11 5:25 p.m., 43 views

CVE-2008-6121

CVE-2008-6121 describes a CRLF injection vulnerability in SocialEngine versions 2.7 and earlier. The issue allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via the PHPSESSID cookie. Affected software: SocialEngine 2.7 and earlier. Underlying cause: CRLF...

7.5 CVSS, 7.2 AI score, 0.01345 EPSS
Exploits: 0, References: 3, Affected Software: 1