2442 matches found

Tenable Nessus
added 2006/10/14 12:0 a.m. | 33 views

Debian DSA-898-1 : phpgroupware - programming errors

Several vulnerabilities have been discovered in phpsysinfo, a PHP based host information application that is included in phpgroupware. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-0870 Maksymilian Arciemowicz discovered several cross site scripti...

CVSS 6.8 | AI score 5.3 | EPSS 0.03716
Exploits: 1 | References: 5

Tenable Nessus
added 2006/10/14 12:0 a.m. | 24 views

Debian DSA-944-1 : mantis - several vulnerabilities

Several security related problems have been discovered in Mantis, a web-based bug tracking system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-4238 Missing input sanitising allows remote attackers to inject arbitrary web script or HTML. -...

CVSS 7.5 | AI score 5.8 | EPSS 0.03742
Exploits: 8 | References: 18

Tenable Nessus
added 2006/10/14 12:0 a.m. | 49 views

Debian DSA-899-1 : egroupware - programming errors

Several vulnerabilities have been discovered in egroupware, a web-based groupware suite. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-0870 Maksymilian Arciemowicz discovered several cross site scripting problems in phpsysinfo, which are also...

CVSS 6.8 | AI score 5.1 | EPSS 0.03716
Exploits: 1 | References: 6

Packet Storm
added 2006/09/14 12:0 a.m. | 40 views

EV0138.txt

New eVuln Advisory: NX5Linkx Multiple Vulnerabilities http://evuln.com/vulns/138/summary.html --------------------Summary---------------- eVuln ID: EV0138 CVE: CVE-2006-4503 CVE-2006-4504 CVE-2006-4505 Vendor: NX5 Vendor's Web Site: http://nx5ware.nx5.org/ Software: NX5Linkx Software's Web Site:...

CVSS 7.5 | AI score 6.6 | EPSS 0.0288
Exploits: 1

Exploit DB
added 2006/09/13 12:0 a.m. | 22 views

NX5Linkx 1.0 - 'links.php' HTTP Response Splitting

source: https://www.securityfocus.com/bid/20011/info NX5Linkx is prone to an HTTP response-splitting vulnerability because the application fails to properly sanitize user-supplied input. A remote attacker may exploit this vulnerability to influence or misrepresent how web content is served, cache...

AI score 7.4
Exploits: 0

exploitpack
added 2006/09/13 12:0 a.m. | 19 views

NX5Linkx 1.0 - links.php HTTP Response Splitting

NX5Linkx 1.0 - links.php HTTP Response Splitting source: https://www.securityfocus.com/bid/20011/info NX5Linkx is prone to an HTTP response-splitting vulnerability because the application fails to properly sanitize user-supplied input. A remote attacker may exploit this vulnerability to influence...

AI score 7.4
Exploits: 0

NVD
added 2006/08/31 10:4 p.m. | 12 views

CVE-2006-4505

CRLF injection vulnerability in links.php in NX5Linx 1.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a CRLF sequence in the url parameter...

CVSS 7.5 | AI score 6.9 | EPSS 0.0288
Exploits: 1 | References: 6

CVE
added 2006/08/31 10:0 p.m. | 45 views

CVE-2006-4505

NX5Linx 1.0 is affected by CVE-2006-4505: a CRLF injection in links.php allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via the url parameter. The connected sources also describe broader NX5Linkx issues (e.g., link.php exposure and additional vulnerabi...

CVSS 7.5 | AI score 6.9 | EPSS 0.0288
Exploits: 1 | References: 6 | Affected Software: 1

Cvelist
added 2006/08/31 10:0 p.m. | 16 views

CVE-2006-4505

CRLF injection vulnerability in links.php in NX5Linx 1.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a CRLF sequence in the url parameter...

AI score 6.9 | EPSS 0.0288
Exploits: 1 | References: 6

securityvulns
added 2006/08/17 12:0 a.m. | 39 views

Technical note by Amit Klein: "Sending arbitrary HTTP requests with Flash 7/8 (+IE 6.0)"

Sending arbitrary HTTP requests with Flash 7/8 (+IE 6.0) Amit Klein, August 2006 The trick ========= In [1], I showed how to forge parts of HTTP requests containing CRs and LFs using Flash. In that write-up, the data was part of the HTTP body section. However, combining the Content-Length overriding...

AI score 0.3
Exploits: 0

Packet Storm
added 2006/06/26 12:0 a.m. | 19 views

bitweaver_13_xpl.txt

!/usr/bin/php -q -d shortopentag=on mErrors'articleimage' = "Error during att...

AI score 7.4
Exploits: 0

NVD
added 2006/06/21 1:2 a.m. | 10 views

CVE-2006-3105

CRLF injection vulnerability in Bitweaver 1.3 allows remote attackers to conduct HTTP response splitting attacks via CRLF sequences in multiple unspecified parameters that are injected into HTTP headers, as demonstrated by the BWSESSION parameter in index.php...

CVSS 5 | AI score 7 | EPSS 0.02626
Exploits: 1 | References: 7

CVE
added 2006/06/21 1:0 a.m. | 65 views

CVE-2006-3105

Technical details about CVE-2006-3105 are not publicly provided in the connected documents. The available sources reproduce the description but do not specify affected products/versions, root cause, or fixes. Monitor for updates.

CVSS 5 | AI score 7.4 | EPSS 0.02626
Exploits: 1 | References: 7 | Affected Software: 1

Cvelist
added 2006/06/21 1:0 a.m. | 14 views

CVE-2006-3105

CRLF injection vulnerability in Bitweaver 1.3 allows remote attackers to conduct HTTP response splitting attacks via CRLF sequences in multiple unspecified parameters that are injected into HTTP headers, as demonstrated by the BWSESSION parameter in index.php...

AI score 7 | EPSS 0.02626
Exploits: 1 | References: 7

exploitpack
added 2006/06/15 12:0 a.m. | 18 views

Bitweaver 1.3 - tmpImagePath Attachment mod_mime

Bitweaver 1.3 - tmpImagePath Attachment modmime !/usr/bin/php -q -d shortopentag=on mErrors'articleimage'...

AI score 7.4
Exploits: 0

seebug.org
added 2006/06/15 12:0 a.m. | 23 views

bitweaver <= 1.3 (tmpImagePath) Attachment mod_mime Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo "bitweaver = v1.3 'tmpImagePath' attachment modmime exploit\r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n"; echo "dork: "powered by bitweaver"\r\n\r\n"; if $argc4 echo...

AI score 7.1
Exploits: 0

NVD
added 2006/06/14 11:2 p.m. | 14 views

CVE-2006-3016

Unspecified vulnerability in session.c in PHP before 5.1.3 has unknown impact and attack vectors, related to "certain characters in session names," including special characters that are frequently associated with CRLF injection, SQL injection, cross-site scripting (XSS), and HTTP response splitting...

CVSS 9.3 | AI score 6.5 | EPSS 0.02264
Exploits: 1 | References: 24

securityvulns
added 2006/06/03 12:0 a.m. | 45 views

Multiple Mozilla / Firefox / Thunderbird / Netscape / Seamonkey security vulnerabilities

Localzone scripting with code execution, memory corruption, HTTP response splitting, array overflow, javascript filtering bypass...

AI score 1.2
Exploits: 0 | References: 4 | Affected Software: 3

Japan Vulnerability Notes
added 2006/06/02 12:0 a.m. | 15 views

JVN#62734622 Mozilla Firefox vulnerable to HTTP response splitting

Impact If a user accesses a malicious web page, an attacker could inject scripts into HTTP responses from the other domains. Solution Products Affected Mozilla Firefox 1.5.0.3 and earlier...

AI score 7
Exploits: 0

securityvulns
added 2006/05/25 12:0 a.m. | 60 views

"Exploiting the XmlHttpRequest object in IE" - paper by Amit Klein

Exploiting the XmlHttpRequest object in IE - Referrer spoofing, and a lot more... Amit Klein, September 2005 Preface ======= This paper is released in a bit of haste, and as such, it may be somewhat incomplete. The reason is that I was toying with the concepts and techniques outlined in it for th...

AI score 6.2
Exploits: 0