2442 matches found
Unfixed HTTP Response Splitting vulnerability at 666vip.com
Security researcher xylitol submitted, on 12/07/2008, an HTTP Response Splitting vulnerability affecting 666vip.com, which at the time of submission ranked 9093742 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 07/11/2008. It is currently...
CVE-2008-5189
CRLF injection vulnerability in Ruby on Rails before 2.0.5 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL to the redirect_to function...
CVE-2008-5189
CVE-2008-5189 is a CRLF header injection in Ruby on Rails prior to 2.0.5 that enables remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via a crafted URL to redirect_to. Affected: Rails 2.0.x up to 2.0.4. Remediation: upgrade Rails to 2.0.5 or newer where the r...
OpenNMS Multiple Vulnerabilities
OpenNMS Multiple Vulnerabilities BugSec | Security Advisory Moshe Ben-Abu | Security Expert Advisory URL PDF: http://www.bugsec.com/upfiles/OpenNMSMultipleVulnerabilities.pdf - Table of Contents - OPENNMS MULTIPLE VULNERABILITIES 1 Vendor 3 Application Description 3 OpenNMS HTTP Response Splittin...
opennms-xss.txt
OpenNMS Multiple Vulnerabilities BugSec | Security Advisory Moshe Ben-Abu | Security Expert Advisory URL PDF: http://www.bugsec.com/upfiles/OpenNMSMultipleVulnerabilities.pdf - Table of Contents - OPENNMS MULTIPLE VULNERABILITIES 1 Vendor 3 Application Description 3 OpenNMS HTTP Response Splittin...
OpenNMS < 1.5.96 Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ================================================ OpenNMS 1.5.96 Multiple Remote Vulnerabilities ================================================ Vendor ------ OpenNMS Group http://www.opennms.com OpenNMS Project http://www.opennms.org...
OpenNMS < 1.5.96 Multiple Remote Vulnerabilities
No description provided by source. OpenNMS Multiple Vulnerabilities -------------------------------- BugSec | Security Advisory Moshe Ben-Abu | Security Expert Advisory URL PDF: http://www.bugsec.com/upfiles/OpenNMSMultipleVulnerabilities.pdf Vendor ------ OpenNMS Group – http://www.opennms.com...
OpenNMS 1.5.x - HTTP Response Splitting
OpenNMS 1.5.x - HTTP Response Splitting source: https://www.securityfocus.com/bid/31577/info OpenNMS is prone to an HTTP response-splitting vulnerability because it fails to sufficiently sanitize user-supplied data. Attackers can leverage this issue to influence or misrepresent how web content is...
OpenNMS 1.5.96 - Multiple Vulnerabilities
OpenNMS 1.5.96 - Multiple Vulnerabilities OpenNMS Multiple Vulnerabilities -------------------------------- BugSec | Security Advisory Moshe Ben-Abu | Security Expert Advisory URL PDF: http://www.bugsec.com/upfiles/OpenNMSMultipleVulnerabilities.pdf Vendor ------ OpenNMS Group –...
OpenNMS < 1.5.96 - Multiple Vulnerabilities
OpenNMS Multiple Vulnerabilities -------------------------------- BugSec | Security Advisory Moshe Ben-Abu | Security Expert Advisory URL PDF: http://www.bugsec.com/upfiles/OpenNMSMultipleVulnerabilities.pdf Vendor ------ OpenNMS Group – http://www.opennms.com OpenNMS Project –...
Gentoo Security Advisory GLSA 200409-23 (snipsnap)
The remote host is missing updates announced in advisory GLSA 200409-23. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200410-12 (wordpress)
The remote host is missing updates announced in advisory GLSA 200410-12. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200512-12 (Mantis)
The remote host is missing updates announced in advisory GLSA 200512-12. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200410-12 (wordpress)
The remote host is missing updates announced in advisory GLSA 200410-12. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200411-35 (phpwebsite)
The remote host is missing updates announced in advisory GLSA 200411-35. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200409-23 (snipsnap)
The remote host is missing updates announced in advisory GLSA 200409-23. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2008-3906
CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string...