Lucene search
K

2442 matches found

Debian CVE
Debian CVE
added 2007/03/03 7:0 p.m.19 views

CVE-2005-4830

Removed by vendor...

7.6CVSS6.9AI score0.02102EPSS
Exploits1
securityvulns
securityvulns
added 2007/02/27 12:0 a.m.134 views

ViewCVS 0.9.4 issues

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi! Short version for the busy ones: o Security issue on ViewCVS 0.9.4 o Not really exploitable unless malicious users have CVS write access AND victim visits pre-crafted URL ViewCVS 0.9.4...

4.3CVSS5.4AI score0.01235EPSS
Exploits0
Packet Storm
Packet Storm
added 2007/02/13 12:0 a.m.29 views

phpmyvisites-xss.txt

Multiple vulnerabilities in phpMyVisites Application : phpMyVisites prior to 2.2 stable Release Date : 11 February 2007 Author : Nicob Abstract : ========== Several vulnerabilities were identified in phpMyVisites. This software is "a free and powerful open source GNU/GPL software for websites...

7.4AI score
Exploits0
NVD
NVD
added 2007/02/12 11:28 p.m.16 views

CVE-2007-0892

CRLF injection vulnerability in phpMyVisites before 2.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the url parameter, when the pagename parameter begins with "FILE:"...

7.5CVSS7AI score0.01403EPSS
Exploits0References4
Prion
Prion
added 2007/02/12 11:28 p.m.14 views

Crlf injection

CRLF injection vulnerability in phpMyVisites before 2.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the url parameter, when the pagename parameter begins with "FILE:"...

7.5CVSS7.5AI score0.01403EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2007/02/12 11:0 p.m.23 views

CVE-2007-0892

CRLF injection vulnerability in phpMyVisites before 2.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the url parameter, when the pagename parameter begins with "FILE:"...

7AI score0.01403EPSS
Exploits0References4
CVE
CVE
added 2007/02/12 11:0 p.m.44 views

CVE-2007-0892

The CVE-2007-0892 issue affects phpMyVisites prior to 2.2, where a CRLF injection via the url parameter enables HTTP header injection and response splitting when the pagename starts with "FILE:". This is a remote, network-accessible vulnerability in the web frontend that can alter HTTP headers an...

7.5CVSS7AI score0.01403EPSS
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2007/02/12 12:0 a.m.39 views

[Full-disclosure] Multiple vulnerabilities in phpMyVisites

Multiple vulnerabilities in phpMyVisites Application : phpMyVisites prior to 2.2 stable Release Date : 11 February 2007 Author : Nicob nicob at nicob.net Abstract : ========== Several vulnerabilities were identified in phpMyVisites. This software is "a free and powerful open source GNU/GPL softwa...

1.3AI score
Exploits0
xssed
xssed
added 2007/02/07 12:0 a.m.13 views

Unfixed HTTP Response Splitting vulnerability at www.dennymfg.com

Security researcher atcore, has submitted on 02/07/2007 a HTTP Response Splitting vulnerability affecting www.dennymfg.com, which at the time of submission ranked 312180 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 02/07/2007. It is currentl...

0.1AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2007/01/29 5:28 p.m.20 views

CVE-2006-6965

CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki 2006-03-09e, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the media parameter. NOTE: this issue can be leveraged for XSS attacks...

4.3CVSS6.1AI score0.01321EPSS
Exploits0References1
OSV
OSV
added 2007/01/29 5:28 p.m.8 views

CVE-2006-6965

CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki 2006-03-09e, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the media parameter. NOTE: this issue can be leveraged for XSS attacks...

6.2AI score
Exploits0References8
NVD
NVD
added 2007/01/29 5:28 p.m.16 views

CVE-2006-6965

CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki 2006-03-09e, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the media parameter. NOTE: this issue can be leveraged for XSS attacks...

4.3CVSS6.3AI score0.01321EPSS
Exploits0References8
Cvelist
Cvelist
added 2007/01/29 5:0 p.m.18 views

CVE-2006-6965

CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki 2006-03-09e, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the media parameter. NOTE: this issue can be leveraged for XSS attacks...

6.2AI score0.01321EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2007/01/29 5:0 p.m.19 views

CVE-2006-6965

CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki 2006-03-09e, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the media parameter. NOTE: this issue can be leveraged for XSS attacks...

4.3CVSS6.5AI score0.01321EPSS
Exploits0
CVE
CVE
added 2007/01/29 5:0 p.m.50 views

CVE-2006-6965

CVE-2006-6965 affects DokuWiki (2006-03-09e and possibly earlier) and is a CRLF injection in lib/exe/fetch.php via the media parameter. This allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting, with potential XSS impact. Multiple advisories corroborate the...

4.3CVSS6.2AI score0.01321EPSS
Exploits0References8Affected Software1
phpMyAdmin
phpMyAdmin
added 2007/01/16 12:0 a.m.31 views

HTTP Response Splitting vulnerability

PMASA-2007-1 Announcement-ID: PMASA-2007-1 Date: 2007-01-16 Summary HTTP Response Splitting vulnerability Description On systems running PHP 5 before 5.1.2 or PHP 4 before 4.4.2, it is possible to trigger this vulnerability by editing the cookie containing PHP's session id. This can be used to se...

7.5CVSS5.8AI score0.01382EPSS
Exploits0Affected Software1
Prion
Prion
added 2007/01/03 9:28 p.m.21 views

Crlf injection

CRLF injection vulnerability in Adobe Acrobat Reader Plugin before 8.0.0, when used with the Microsoft.XMLHTTP ActiveX object in Internet Explorer, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the javascript: URI in the...

6.8CVSS6.9AI score0.08802EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2007/01/03 9:28 p.m.28 views

CVE-2007-0047

CRLF injection vulnerability in Adobe Acrobat Reader Plugin before 8.0.0, when used with the Microsoft.XMLHTTP ActiveX object in Internet Explorer, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the javascript: URI in the...

6.8CVSS6.7AI score0.08802EPSS
Exploits0References6
Cvelist
Cvelist
added 2007/01/03 8:0 p.m.34 views

CVE-2007-0047

CRLF injection vulnerability in Adobe Acrobat Reader Plugin before 8.0.0, when used with the Microsoft.XMLHTTP ActiveX object in Internet Explorer, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the javascript: URI in the...

6.6AI score0.08802EPSS
Exploits0References6
CVE
CVE
added 2007/01/03 8:0 p.m.67 views

CVE-2007-0047

CVE-2007-0047 : The Adobe Acrobat Reader Plugin (pre-8.0.0) is vulnerable when used with the Microsoft.XMLHTTP ActiveX object in Internet Explorer. The issue allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via CRLF sequences in the javascript: URI cont...

6.8CVSS6.6AI score0.08802EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder