
2442 matches found

xssed
added 2008/12/07 12:0 a.m. | 10 views

Unfixed HTTP Response Splitting vulnerability at 666vip.com

Security researcher xylitol has submitted on 12/07/2008 an HTTP Response Splitting vulnerability affecting 666vip.com, which at the time of submission ranked 9093742 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 07/11/2008. It is currently...

Exploits 0 | References 1

OSV
added 2008/11/21 12:0 p.m. | 13 views

CVE-2008-5189

CRLF injection vulnerability in Ruby on Rails before 2.0.5 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL to the redirect_to function...

6.6 AI score
Exploits 0 | References 5

UbuntuCve
added 2008/11/21 12:0 p.m. | 31 views

CVE-2008-5189

CRLF injection vulnerability in Ruby on Rails before 2.0.5 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL to the redirect_to function...

5 CVSS | 7.2 AI score | 0.01546 EPSS
Exploits 0 | References 1

Cvelist
added 2008/11/21 11:0 a.m. | 31 views

CVE-2008-5189

CRLF injection vulnerability in Ruby on Rails before 2.0.5 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL to the redirect_to function...

6.5 AI score | 0.01546 EPSS
Exploits 0 | References 5

CVE
added 2008/11/21 11:0 a.m. | 97 views

CVE-2008-5189

CVE-2008-5189 is a CRLF header injection in Ruby on Rails prior to 2.0.5 that enables remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via a crafted URL to redirect_to. Affected: Rails 2.0.x up to 2.0.4. Remediation: upgrade Rails to 2.0.5 or newer where the r...

5 CVSS | 6.5 AI score | 0.01546 EPSS
Exploits 0 | References 5 | Affected Software 2

Debian CVE
added 2008/11/21 11:0 a.m. | 39 views

CVE-2008-5189

CRLF injection vulnerability in Ruby on Rails before 2.0.5 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL to the redirect_to function...

5 CVSS | 6.8 AI score | 0.01546 EPSS
Exploits 0

securityvulns
added 2008/10/09 12:0 a.m. | 45 views

OpenNMS Multiple Vulnerabilities

OpenNMS Multiple Vulnerabilities BugSec | Security Advisory Moshe Ben-Abu | Security Expert Advisory URL PDF: http://www.bugsec.com/upfiles/OpenNMSMultipleVulnerabilities.pdf - Table of Contents - OPENNMS MULTIPLE VULNERABILITIES 1 Vendor 3 Application Description 3 OpenNMS HTTP Response Splittin...

6.3 AI score
Exploits 0

Packet Storm
added 2008/10/07 12:0 a.m. | 34 views

opennms-xss.txt

OpenNMS Multiple Vulnerabilities BugSec | Security Advisory Moshe Ben-Abu | Security Expert Advisory URL PDF: http://www.bugsec.com/upfiles/OpenNMSMultipleVulnerabilities.pdf - Table of Contents - OPENNMS MULTIPLE VULNERABILITIES 1 Vendor 3 Application Description 3 OpenNMS HTTP Response Splittin...

Exploits 0

0day.today
added 2008/10/05 12:0 a.m. | 32 views

OpenNMS < 1.5.96 Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ================================================ OpenNMS 1.5.96 Multiple Remote Vulnerabilities ================================================ Vendor ------ OpenNMS Group http://www.opennms.com OpenNMS Project http://www.opennms.org...

7.1 AI score
Exploits 0

seebug.org
added 2008/10/05 12:0 a.m. | 31 views

OpenNMS < 1.5.96 Multiple Remote Vulnerabilities

No description provided by source. OpenNMS Multiple Vulnerabilities -------------------------------- BugSec | Security Advisory Moshe Ben-Abu | Security Expert Advisory URL PDF: http://www.bugsec.com/upfiles/OpenNMSMultipleVulnerabilities.pdf Vendor ------ OpenNMS Group – http://www.opennms.com...

7.1 AI score
Exploits 0

exploitpack
added 2008/10/05 12:0 a.m. | 14 views

OpenNMS 1.5.x - HTTP Response Splitting

OpenNMS 1.5.x - HTTP Response Splitting source: https://www.securityfocus.com/bid/31577/info OpenNMS is prone to an HTTP response-splitting vulnerability because it fails to sufficiently sanitize user-supplied data. Attackers can leverage this issue to influence or misrepresent how web content is...

7.4 AI score
Exploits 0

exploitpack
added 2008/10/05 12:0 a.m. | 29 views

OpenNMS 1.5.96 - Multiple Vulnerabilities

OpenNMS 1.5.96 - Multiple Vulnerabilities OpenNMS Multiple Vulnerabilities -------------------------------- BugSec | Security Advisory Moshe Ben-Abu | Security Expert Advisory URL PDF: http://www.bugsec.com/upfiles/OpenNMSMultipleVulnerabilities.pdf Vendor ------ OpenNMS Group –...

0.2 AI score
Exploits 0

Exploit DB
added 2008/10/05 12:0 a.m. | 35 views

OpenNMS < 1.5.96 - Multiple Vulnerabilities

OpenNMS Multiple Vulnerabilities -------------------------------- BugSec | Security Advisory Moshe Ben-Abu | Security Expert Advisory URL PDF: http://www.bugsec.com/upfiles/OpenNMSMultipleVulnerabilities.pdf Vendor ------ OpenNMS Group – http://www.opennms.com OpenNMS Project –...

7.4 AI score
Exploits 0

OpenVAS
added 2008/09/24 12:0 a.m. | 16 views

Gentoo Security Advisory GLSA 200409-23 (snipsnap)

The remote host is missing updates announced in advisory GLSA 200409-23. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

5 CVSS | 0.02437 EPSS
Exploits 1

OpenVAS
added 2008/09/24 12:0 a.m. | 21 views

Gentoo Security Advisory GLSA 200410-12 (wordpress)

The remote host is missing updates announced in advisory GLSA 200410-12. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

5 CVSS | 0.5 AI score | 0.11226 EPSS
Exploits 1

OpenVAS
added 2008/09/24 12:0 a.m. | 14 views

Gentoo Security Advisory GLSA 200512-12 (Mantis)

The remote host is missing updates announced in advisory GLSA 200512-12. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 6.7 AI score | 0.03742 EPSS
Exploits 5 | References 3

OpenVAS
added 2008/09/24 12:0 a.m. | 11 views

Gentoo Security Advisory GLSA 200410-12 (wordpress)

The remote host is missing updates announced in advisory GLSA 200410-12. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5 CVSS | 7.1 AI score | 0.11226 EPSS
Exploits 1 | References 3

OpenVAS
added 2008/09/24 12:0 a.m. | 12 views

Gentoo Security Advisory GLSA 200411-35 (phpwebsite)

The remote host is missing updates announced in advisory GLSA 200411-35. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5 CVSS | 7.2 AI score | 0.01604 EPSS
Exploits 1 | References 4

OpenVAS
added 2008/09/24 12:0 a.m. | 11 views

Gentoo Security Advisory GLSA 200409-23 (snipsnap)

The remote host is missing updates announced in advisory GLSA 200409-23. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5 CVSS | 7.2 AI score | 0.02437 EPSS
Exploits 1 | References 3

NVD
added 2008/09/04 5:41 p.m. | 19 views

CVE-2008-3906

CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string...

4.3 CVSS | 6.7 AI score | 0.07102 EPSS
Exploits 1 | References 11