Lucene search
K

2442 matches found

OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.12 views

Debian: Security Advisory (DSA-1002-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.07076EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.18 views

Debian: Security Advisory (DSA-899-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.6AI score0.03716EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.57 views

Debian: Security Advisory (DSA-1207-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.6AI score0.02074EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.35 views

Debian Security Advisory DSA 898-1 (phpgroupware)

The remote host is missing an update to phpgroupware announced via advisory DSA 898-1. Several vulnerabilities have been discovered in phpsysinfo, a PHP based host information application. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-0870 Maksymilia...

6.8CVSS0.03716EPSS
Exploits1
Apache Httpd
Apache Httpd
added 2008/01/15 12:0 a.m.53 views

Apache Httpd < 2.2.12 : CRLF injection in mod_negotiation when untrusted uploads are supported

Possible CRLF injection allowing HTTP response splitting attacks for sites which use modnegotiation and allow untrusted uploads to locations which have MultiViews enabled...

2.6CVSS1.3AI score0.19036EPSS
Exploits1Affected Software1
NVD
NVD
added 2008/01/10 12:46 a.m.16 views

CVE-2008-0202

CRLF injection vulnerability in index.php in ExpressionEngine 1.2.1 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the URL parameter...

4.3CVSS7AI score0.01243EPSS
Exploits0References6
Cvelist
Cvelist
added 2008/01/10 12:0 a.m.20 views

CVE-2008-0202

CRLF injection vulnerability in index.php in ExpressionEngine 1.2.1 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the URL parameter...

7AI score0.01243EPSS
Exploits0References6
CVE
CVE
added 2008/01/10 12:0 a.m.39 views

CVE-2008-0202

CVE-2008-0202 affects ExpressionEngine 1.2.1 and earlier. A CRLF injection vulnerability in index.php allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via a URL parameter. The NVD entry provides a basic impact assessment: confidentiality impact None, in...

4.3CVSS7AI score0.01243EPSS
Exploits0References6Affected Software1
exploitpack
exploitpack
added 2008/01/03 12:0 a.m.17 views

ExpressionEngine 1.2.1 - HTTP Response Splitting Cross-Site Scripting

ExpressionEngine 1.2.1 - HTTP Response Splitting Cross-Site Scripting source: https://www.securityfocus.com/bid/27128/info ExpressionEngine is prone to an HTTP-response-splitting vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2008/01/03 12:0 a.m.21 views

ExpressionEngine 1.2.1 - HTTP Response Splitting / Cross-Site Scripting

source: https://www.securityfocus.com/bid/27128/info ExpressionEngine is prone to an HTTP-response-splitting vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2007/12/18 11:52 p.m.41 views

Critical: Red Hat Security Advisory: flash-plugin security update

An updated Adobe Flash Player package that fixes a security issue is now available for Red Hat Enterprise Linux 3 Extras, 4 Extras, and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. The flash-plugin package contains a...

9.3CVSS6AI score0.30065EPSS
Exploits4References9
Tenable Nessus
Tenable Nessus
added 2007/12/11 12:0 a.m.26 views

FreeBSD : jetty -- multiple vulnerabilities (6ae7cef2-a6ae-11dc-95e6-000c29c5647f)

Cross-site scripting XSS vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies. Mortbay Jetty before 6.1.6rc1 does not properly handle 'certain quote sequences' in HTML cookie parameters...

7.5CVSS7.4AI score0.03978EPSS
Exploits0References5
NVD
NVD
added 2007/12/05 11:46 a.m.12 views

CVE-2007-5615

CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

5CVSS9.3AI score0.03597EPSS
Exploits0References10
Prion
Prion
added 2007/12/05 11:46 a.m.15 views

Crlf injection

CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

5CVSS9.2AI score0.03597EPSS
Exploits0References10Affected Software1
CVE
CVE
added 2007/12/05 11:0 a.m.61 views

CVE-2007-5615

Jetty (Mortbay Jetty) is affected by CVE-2007-5615: a CRLF injection vulnerability in Jetty before 6.1.6rc0 that could let remote attackers inject arbitrary HTTP headers and perform HTTP response splitting. IBM/OpenVAS/ Fedora references corroborate the vulnerability in Jetty and list related CVE...

5CVSS7.3AI score0.03597EPSS
Exploits0References10Affected Software1
FreeBSD
FreeBSD
added 2007/12/05 12:0 a.m.33 views

jetty -- multiple vulnerabilities

Cross-site scripting XSS vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies. Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote sequences" in HTML cookie parameters...

7.5CVSS8.7AI score0.03978EPSS
Exploits0References1
CERT
CERT
added 2007/12/04 12:0 a.m.35 views

Mortbay Jetty vulnerable to HTTP response splitting

Overview Mortbay Jetty is vulnerable to HTTP response splitting, which may allow a remote, unauthenticated attacker to inject various HTTP headers Description Mortbay Jetty is a web server that is written in Java. Jetty fails to properly handle HTTP headers with CRLF sequences, which can allow an...

5CVSS7.5AI score0.03597EPSS
Exploits0References2
xssed
xssed
added 2007/11/30 12:0 a.m.18 views

Unfixed HTTP Response Splitting vulnerability at www.blogpeople.net

Security researcher kusomiso.com, has submitted on 30/11/2007 a HTTP Response Splitting vulnerability affecting www.blogpeople.net, which at the time of submission ranked 9933 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 04/12/2007. It is...

Exploits0References1
securityvulns
securityvulns
added 2007/11/22 12:0 a.m.6408 views

Vulnerability in ExpressionEngine

Здравствуйте 3APA3A! Сообщаю вам о найденной мною HTTP Response Splitting уязвимости в системе ExpressionEngine. Которая может быть использована в частности для проведения Cross-Site Scripting атаки. XSS: Уязвимость в скрипте index.php в параметре URL...

Exploits0
Tenable Nessus
Tenable Nessus
added 2007/11/06 12:0 a.m.48 views

Debian DSA-1401-1 : iceape - several vulnerabilities

Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the SeaMonkey Internet Suite. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1095 Michal Zalewski discovered that the unload event handler had...

9.3CVSS8.5AI score0.12736EPSS
Exploits3References18
Rows per page
Query Builder