2442 matches found

Exploit DB
added 2008/02/12 12:0 a.m., 30 views

Cacti 0.8.7 - '/index.php/sql.php?Login Action login_username' SQL Injection

source: https://www.securityfocus.com/bid/27749/info Cacti is prone to multiple unspecified input-validation vulnerabilities, including: - Multiple cross-site scripting vulnerabilities - Multiple SQL-injection vulnerabilities - An HTTP response-splitting vulnerability. Attackers may exploit these...

7.4 AI score
Exploits: 0
Exploit DB
added 2008/02/12 12:0 a.m., 30 views

Cacti 0.8.7 - 'tree.php' Multiple SQL Injections

source: https://www.securityfocus.com/bid/27749/info Cacti is prone to multiple unspecified input-validation vulnerabilities, including: - Multiple cross-site scripting vulnerabilities - Multiple SQL-injection vulnerabilities - An HTTP response-splitting vulnerability. Attackers may exploit these...

7.4 AI score
Exploits: 0
Exploit DB
added 2008/02/12 12:0 a.m., 25 views

Cacti 0.8.7 - 'graph_view.php?filter' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27749/info Cacti is prone to multiple unspecified input-validation vulnerabilities, including: - Multiple cross-site scripting vulnerabilities - Multiple SQL-injection vulnerabilities - An HTTP response-splitting vulnerability. Attackers may exploit these...

7.4 AI score
Exploits: 0
Exploit DB
added 2008/02/12 12:0 a.m., 27 views

Cacti 0.8.7 - 'graph.php?view_type' Cross-Site Scripting

source: https://www.securityfocus.com/bid/27749/info Cacti is prone to multiple unspecified input-validation vulnerabilities, including: - Multiple cross-site scripting vulnerabilities - Multiple SQL-injection vulnerabilities - An HTTP response-splitting vulnerability. Attackers may exploit these...

7 AI score
Exploits: 0
FreeBSD
added 2008/02/12 12:0 a.m., 15 views

cacti -- Multiple security vulnerabilities have been discovered

The cacti development team reports: Multiple security vulnerabilities have been discovered in Cacti's web interface: XSS vulnerabilities Path disclosure vulnerabilities SQL injection vulnerabilities HTTP response splitting vulnerabilities...

0.4 AI score
Exploits: 0, References: 1
UbuntuCve
added 2008/01/25 1:0 a.m., 44 views

CVE-2008-0456

CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP respons...

2.6 CVSS, 6 AI score, 0.19036 EPSS
Exploits: 1, References: 1
Prion
added 2008/01/25 1:0 a.m., 24 views

Crlf injection

CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP respons...

2.6 CVSS, 6.5 AI score, 0.19036 EPSS
Exploits: 1, References: 26, Affected Software: 4
NVD
added 2008/01/25 1:0 a.m., 26 views

CVE-2008-0456

CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP respons...

2.6 CVSS, 7.2 AI score, 0.19036 EPSS
Exploits: 1, References: 26
OSV
added 2008/01/25 1:0 a.m., 5 views

CVE-2008-0456

CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP respons...

6.3 AI score
Exploits: 0, References: 32
CVE
added 2008/01/25 12:0 a.m., 281 views

CVE-2008-0456

CVE-2008-0456 : CRLF injection in the mod_negotiation module of Apache HTTP Server (versions 2.2.x up to 2.2.6, 2.0.x up to 2.0.61, and 1.3.x up to 1.3.39) allows remote authenticated users to upload a file with a multi-line name containing HTTP header sequences, enabling injection into HTTP resp...

2.6 CVSS, 7.2 AI score, 0.19036 EPSS
Exploits: 1, References: 26, Affected Software: 1
Cvelist
added 2008/01/25 12:0 a.m., 31 views

CVE-2008-0456

CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP respons...

7.1 AI score, 0.19036 EPSS
Exploits: 1, References: 26
Debian CVE
added 2008/01/25 12:0 a.m., 47 views

CVE-2008-0456

CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP respons...

2.6 CVSS, 6.7 AI score, 0.19036 EPSS
Exploits: 1
securityvulns
added 2008/01/24 12:0 a.m., 52 views

Apache mod_negotiation Xss and Http Response Splitting

Apache mod_negotiation Xss and Http Response Splitting Date: January 22th, 2008 Tested Versions: Apache =1.3.39 = 2.0.61 = 2.2.6 Minded Security ReferenceID: MSA01150108 Credits: Discovery by Stefano Di Paola of Minded Security stefano.dipaola at mindedsecurity.com Severity: Low/Medium Permalink:...

6.5 AI score
Exploits: 0
Exploit DB
added 2008/01/22 12:0 a.m., 207 views

Apache 2.2.6 mod_negotiation - HTML Injection / HTTP Response Splitting

source: https://www.securityfocus.com/bid/27409/info Apache 'mod_negotiation' is prone to an HTML-injection and an HTTP response-splitting vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML o...

7.4 AI score
Exploits: 0
OpenVAS
added 2008/01/17 12:0 a.m., 33 views

Debian Security Advisory DSA 1396-1 (icedove)

The remote host is missing an update to icedove announced via advisory DSA 1396-1. OpenVAS Vulnerability Test $Id: deb13961.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1396-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

9.3 CVSS, 1.2 AI score, 0.12736 EPSS
Exploits: 4
OpenVAS
added 2008/01/17 12:0 a.m., 32 views

Debian Security Advisory DSA 1392-1 (xulrunner)

The remote host is missing an update to xulrunner announced via advisory DSA 1392-1. OpenVAS Vulnerability Test $Id: deb13921.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1392-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

9.3 CVSS, 1 AI score, 0.12736 EPSS
Exploits: 4
OpenVAS
added 2008/01/17 12:0 a.m., 24 views

Debian Security Advisory DSA 897-1 (phpsysinfo)

The remote host is missing an update to phpsysinfo announced via advisory DSA 897-1. Several vulnerabilities have been discovered in phpsysinfo, a PHP based host information application. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-0870 Maksymilian...

6.8 CVSS, 0.2 AI score, 0.03716 EPSS
Exploits: 1
OpenVAS
added 2008/01/17 12:0 a.m., 21 views

Debian: Security Advisory (DSA-898-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8 CVSS, 6.6 AI score, 0.03716 EPSS
Exploits: 1, References: 3
OpenVAS
added 2008/01/17 12:0 a.m., 12 views

Debian: Security Advisory (DSA-1002-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS, 7.1 AI score, 0.07076 EPSS
Exploits: 0, References: 3
OpenVAS
added 2008/01/17 12:0 a.m., 18 views

Debian: Security Advisory (DSA-899-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8 CVSS, 6.6 AI score, 0.03716 EPSS
Exploits: 1, References: 3