2442 matches found

UbuntuCve
added 2008/09/04 5:41 p.m., 23 views

CVE-2008-3906

CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string...

CVSS 4.3, AI score 6, EPSS 0.07102
Exploits: 1, References: 3

OSV
added 2008/09/04 5:41 p.m., 7 views

CVE-2008-3906

CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string...

AI score 7
Exploits: 0, References: 11

Cvelist
added 2008/09/04 5:0 p.m., 25 views

CVE-2008-3906

CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string...

AI score 6.6, EPSS 0.07102
Exploits: 1, References: 11

CVE
added 2008/09/04 5:0 p.m., 71 views

CVE-2008-3906

CVE-2008-3906 is a CRLF injection vulnerability in Mono’s Sys.Web (versions 2.0 and earlier) that enables remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via CRLF sequences in the query string. Multiple advisories (Mandriva MDVSA-2008:210-1, Ubuntu USN-826-1,...

CVSS 4.3, AI score 6.6, EPSS 0.07102
Exploits: 1, References: 11, Affected Software: 2

Debian CVE
added 2008/09/04 5:0 p.m., 25 views

CVE-2008-3906

CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string...

CVSS 4.3, AI score 6.9, EPSS 0.07102
Exploits: 1

OpenVAS
added 2008/09/04 12:0 a.m., 24 views

FreeBSD Ports: squid

The remote host is missing an update to the system as announced in the referenced advisory. VID 4e4bd2c2-6bd5-11d9-9e1e-c296ac722cb3 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

CVSS 5, AI score 0.1, EPSS 0.40977
Exploits: 0

OpenVAS
added 2008/09/04 12:0 a.m., 20 views

FreeBSD Ports: squid

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 5, AI score 6.6, EPSS 0.40977
Exploits: 0, References: 5

securityvulns
added 2008/09/01 12:0 a.m., 39 views

Vulnerabilities in FeedBurner FeedSmith for WordPress

Hello 3APA3A! I am reporting to you the Full path disclosure and HTTP Response Splitting + Cross-Site Scripting vulnerabilities I found in the FeedBurner FeedSmith plugin for WordPress, which is developed by FeedBurner, a company owned by Google. Full path disclosure:...

AI score 5.8
Exploits: 0

xssed
added 2008/08/16 12:0 a.m., 14 views

Unfixed HTTP Response Splitting vulnerability at www.unimelb.edu.au

Security researcher xylitol has submitted on 16/08/2008 an HTTP Response Splitting vulnerability affecting www.unimelb.edu.au, which at the time of submission ranked 5662 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 20/09/2008. It is current...

Exploits: 0, References: 1

xssed
added 2008/07/29 12:0 a.m., 18 views

Unfixed HTTP Response Splitting vulnerability at gggnet.com

Security researcher xylitol has submitted on 29/07/2008 an HTTP Response Splitting vulnerability affecting gggnet.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 03/10/2008. It is currently unfixed...

Exploits: 0, References: 1

xssed
added 2008/07/15 12:0 a.m., 13 views

Unfixed HTTP Response Splitting vulnerability at hypedesigns.com

Security researcher xylitol has submitted on 15/07/2008 an HTTP Response Splitting vulnerability affecting hypedesigns.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 10/11/2008. It is currently...

Exploits: 0, References: 1

xssed
added 2008/07/14 12:0 a.m., 14 views

Unfixed HTTP Response Splitting vulnerability at cooldudes.com

Security researcher xylitol has submitted on 14/07/2008 an HTTP Response Splitting vulnerability affecting cooldudes.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 10/11/2008. It is currently...

Exploits: 0, References: 1

Cvelist
added 2008/05/28 3:0 p.m., 23 views

CVE-2008-2497

CRLF injection vulnerability in Mambo before 4.6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

AI score 7, EPSS 0.01222
Exploits: 0, References: 5

CVE
added 2008/05/28 3:0 p.m., 68 views

CVE-2008-2497

CVE-2008-2497 affects Mambo prior to 4.6.4, with a CRLF injection vulnerability that lets remote attackers inject arbitrary HTTP headers and perform HTTP response splitting via unspecified vectors. The connected documents confirm the affected software and the underlying CRLF issue, but do not pro...

CVSS 5, AI score 7, EPSS 0.01222
Exploits: 0, References: 5, Affected Software: 1

securityvulns
added 2008/05/11 12:0 a.m., 44 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. pMachinePro: HTTP Response Splitting...

CVSS 4.3, AI score 0.1, EPSS 0.02183
Exploits: 3, References: 4, Affected Software: 4

securityvulns
added 2008/05/08 12:0 a.m., 54 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. pMachinePro: HTTP Response Splitting...

CVSS 10, AI score 0.1, EPSS 0.10503
Exploits: 3, References: 8, Affected Software: 9

securityvulns
added 2008/05/08 12:0 a.m., 36 views

Vulnerability in pMachinePro

Hello 3APA3A! I am reporting to you an HTTP Response Splitting vulnerability I found in pMachinePro. The vulnerability is in the sitelaunch.php script, in the go parameter. It can be used, in particular, to conduct a Cross-Site Scripting attack. XSS:...

Exploits: 0

Tenable Nessus
added 2008/03/13 12:0 a.m., 28 views

GLSA-200803-18 : Cacti: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200803-18 Cacti: Multiple vulnerabilities The following inputs are not properly sanitized before being processed: 'viewtype' parameter in the file graph.php, 'filter' parameter in the file graphview.php, 'action' and 'loginusernam...

CVSS 7.5, AI score 5.8, EPSS 0.05246
Exploits: 3, References: 5

Tenable Nessus
added 2008/03/13 12:0 a.m., 42 views

GLSA-200803-19 : Apache: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200803-19 Apache: Multiple vulnerabilities Adrian Pastor and Amir Azam ProCheckUp reported that the HTTP Method specifier header is not properly sanitized when the HTTP return code is '413 Request Entity too large' CVE-2007-6203...

CVSS 4.3, AI score 7.5, EPSS 0.80749
Exploits: 6, References: 6

Gentoo Linux
added 2008/03/11 12:0 a.m., 56 views

Apache: Multiple vulnerabilities

Background The Apache HTTP server is one of the most popular web servers on the Internet. Description Adrian Pastor and Amir Azam ProCheckUp reported that the HTTP Method specifier header is not properly sanitized when the HTTP return code is "413 Request Entity too large" CVE-2007-6203. The...

CVSS 4.3, AI score 6.3, EPSS 0.80749
Exploits: 6