2442 matches found
CVE-2005-4830
Removed by vendor...
ViewCVS 0.9.4 issues
Hi! Short version for the busy ones: o Security issue on ViewCVS 0.9.4 o Not really exploitable unless malicious users have CVS write access AND victim visits pre-crafted URL ViewCVS 0.9.4...
phpmyvisites-xss.txt
Multiple vulnerabilities in phpMyVisites Application : phpMyVisites prior to 2.2 stable Release Date : 11 February 2007 Author : Nicob Abstract : ========== Several vulnerabilities were identified in phpMyVisites. This software is "a free and powerful open source GNU/GPL software for websites...
CVE-2007-0892
CRLF injection vulnerability in phpMyVisites before 2.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the url parameter, when the pagename parameter begins with "FILE:"...
CRLF injection
CRLF injection vulnerability in phpMyVisites before 2.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the url parameter, when the pagename parameter begins with "FILE:"...
CVE-2007-0892
The CVE-2007-0892 issue affects phpMyVisites prior to 2.2, where a CRLF injection via the url parameter enables HTTP header injection and response splitting when the pagename starts with "FILE:". This is a remote, network-accessible vulnerability in the web frontend that can alter HTTP headers an...
[Full-disclosure] Multiple vulnerabilities in phpMyVisites
Multiple vulnerabilities in phpMyVisites Application : phpMyVisites prior to 2.2 stable Release Date : 11 February 2007 Author : Nicob nicob at nicob.net Abstract : ========== Several vulnerabilities were identified in phpMyVisites. This software is "a free and powerful open source GNU/GPL softwa...
Unfixed HTTP Response Splitting vulnerability at www.dennymfg.com
Security researcher atcore has submitted on 02/07/2007 an HTTP Response Splitting vulnerability affecting www.dennymfg.com, which at the time of submission ranked 312180 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 02/07/2007. It is currentl...
CVE-2006-6965
CRLF injection vulnerability in lib/exe/fetch.php in DokuWiki 2006-03-09e, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the media parameter. NOTE: this issue can be leveraged for XSS attacks...
CVE-2006-6965
CVE-2006-6965 affects DokuWiki (2006-03-09e and possibly earlier) and is a CRLF injection in lib/exe/fetch.php via the media parameter. This allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting, with potential XSS impact. Multiple advisories corroborate the...
HTTP Response Splitting vulnerability
PMASA-2007-1 Announcement-ID: PMASA-2007-1 Date: 2007-01-16 Summary HTTP Response Splitting vulnerability Description On systems running PHP 5 before 5.1.2 or PHP 4 before 4.4.2, it is possible to trigger this vulnerability by editing the cookie containing PHP's session id. This can be used to se...
CRLF injection
CRLF injection vulnerability in Adobe Acrobat Reader Plugin before 8.0.0, when used with the Microsoft.XMLHTTP ActiveX object in Internet Explorer, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the javascript: URI in the...
CVE-2007-0047
CRLF injection vulnerability in Adobe Acrobat Reader Plugin before 8.0.0, when used with the Microsoft.XMLHTTP ActiveX object in Internet Explorer, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the javascript: URI in the...
CVE-2007-0047
CVE-2007-0047: The Adobe Acrobat Reader Plugin (pre-8.0.0) is vulnerable when used with the Microsoft.XMLHTTP ActiveX object in Internet Explorer. The issue allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via CRLF sequences in the javascript: URI cont...