CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2442 matches found

CVE•added 2005/11/16 9:17 p.m.•48 views

CVE-2005-3633

The CVE-2005-3633 entry describes an HTTP response splitting vulnerability in SAP Web Application Server (WAS) 6.10 through 7.00. The issue affects frameset.htm, allowing remote attackers to inject arbitrary HTML headers via the sap-exiturl parameter. The vulnerability’s root cause is improper ha...

5CVSS7AI score0.02047EPSS

Exploits1References9Affected Software1

Cvelist•added 2005/11/16 9:17 p.m.•24 views

CVE-2005-3633

HTTP response splitting vulnerability in frameset.htm in SAP Web Application Server WAS 6.10 through 7.00 allows remote attackers to inject arbitrary HTML headers via the sap-exiturl parameter...

6.6AI score0.02047EPSS

Exploits1References9

UbuntuCve•added 2005/11/16 11:2 a.m.•30 views

CVE-2005-3621

CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts...

5CVSS5.9AI score0.0156EPSS

Exploits0References1

NVD•added 2005/11/16 11:2 a.m.•25 views

CVE-2005-3621

CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts...

5CVSS6.7AI score0.0156EPSS

Exploits0References6

Cvelist•added 2005/11/16 11:0 a.m.•29 views

CVE-2005-3621

CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts...

6.6AI score0.0156EPSS

Exploits0References6

Debian CVE•added 2005/11/16 11:0 a.m.•29 views

CVE-2005-3621

CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts...

5CVSS6.8AI score0.0156EPSS

Exploits0

CVE•added 2005/11/16 11:0 a.m.•68 views

CVE-2005-3621

CVE-2005-3621 is a CRLF injection vulnerability in phpMyAdmin prior to 2.6.4-pl4 that enables HTTP response splitting via unspecified scripts. The vulnerability is documented in multiple sources (e.g., Debian DSA advisories and GHSA entries) and is associated with phpMyAdmin. The connected OpenVA...

5CVSS6.6AI score0.0156EPSS

Exploits0References6Affected Software1

Tenable Nessus•added 2005/11/16 12:0 a.m.•122 views

phpSysInfo < 2.4.1 Multiple Vulnerabilities

The remote host is running phpSysInfo, a PHP application that parses the /proc entries on Linux/Unix systems and displays them in HTML. The installed version of phpSysInfo on the remote host has a design flaw in its globalization layer such that the script's variables can be overwritten independe...

6.8CVSS5.6AI score0.03716EPSS

Exploits1References5

Tenable Nessus•added 2005/11/16 12:0 a.m.•16 views

phpwcms 1.2.5 Multiple Vulnerabilities

The remote host is running phpwcms, an open source content management system written in PHP. The version of phpwcms installed on the remote host does not sanitize input to the 'formlang' parameter of the 'login.php' script before using it in PHP 'include' functions. An unauthenticated attacker ca...

5CVSS5.5AI score0.03424EPSS

Exploits1References2

Packet Storm•added 2005/11/15 12:0 a.m.•68 views

Hardened-PHP Project Security Advisory 2005-21.81

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened PHP Project www.hardened-php.net -= Security Advisory =- Advisory: Multiple vulnerabilities in phpSysInfo Release Date: 2005/11/13 Last Modified: 2005/11/12 Author: Christopher Kunz Application: phpSysInfo 2.4 and prior Severity: Cross-Site...

6.8CVSS0.5AI score0.03716EPSS

Exploits1

OSV•added 2005/11/15 12:0 a.m.•36 views

DSA-897-1 phpsysinfo - programming errors

Bulletin has no description...

6.8CVSS5.9AI score0.03716EPSS

Exploits1

securityvulns•added 2005/11/15 12:0 a.m.•32 views

[Full-disclosure] [FS-05-02] Multiple vulnerabilities in phpMyAdmin

=============================================================================== Security Advisory http://www.fitsec.com/advisories/FS-05-02.txt Severity: Low/Medium Title: Multiple vulnerabilities in phpMyAdmin Date: 12.11.2005 ID: FS-05-02 Author: Toni Koivunen toni.koivunen at fitsec.com - - - ...

1.2AI score

Exploits0

FreeBSD•added 2005/11/15 12:0 a.m.•15 views

phpmyadmin -- HTTP Response Splitting vulnerability

A phpMyAdmin security advisory reports: Some scripts in phpMyAdmin are vulnerable to an HTTP Response Splitting attack. Severity: We consider these vulnerabilities to be serious. However, they can only be triggered on systems running with registerglobals = on...

7.5AI score

Exploits0References3

securityvulns•added 2005/11/14 12:0 a.m.•59 views

[Full-disclosure] Advisory 22/2005: Multiple vulnerabilities in phpSysInfo

6.8CVSS0.7AI score0.03716EPSS

Exploits1

Exploit DB•added 2005/11/11 12:0 a.m.•21 views

PHPSysInfo 2.x - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/15396/info phpSysInfo is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. phpSysInfo is prone to cross-site scripting, HTTP response splitting and arbitrary...

7.4AI score

Exploits0

exploitpack•added 2005/11/09 12:0 a.m.•20 views

SAP Web Application Server 6.x7.0 - Input Validation

SAP Web Application Server 6.x7.0 - Input Validation source: https://www.securityfocus.com/bid/18006/info SAP Web Application Server is prone to an input-validation vulnerability that results in HTTP response-splitting attacks. This issue is due to a failure in the application to properly sanitiz...

7.3AI score

Exploits0

securityvulns•added 2005/11/09 12:0 a.m.•37 views

Multiple SAP Web Application Server vulnerabilities

Crossite scripting, request redirection, HTTP response splitting...

0.5AI score

Exploits0References3Affected Software1

securityvulns•added 2005/11/09 12:0 a.m.•29 views

[Full-disclosure] CYBSEC - Security Advisory: HTTP Response Splitting in SAP WAS

The following advisory is also available in PDF format for download at: http://www.cybsec.com/vuln/CYBSECSecurityAdvisoryHTTPResponseSplittinginSAPWAS.pdf CYBSEC S.A. www.cybsec.com Advisory Name: HTTP Response Splitting in SAP WAS Web Application Server Vulnerability Class: HTTP Response Splitti...

7.1AI score

Exploits0

OpenVAS•added 2005/11/03 12:0 a.m.•18 views

phpBB < 2.0.10

The remote host is running a version of phpBB older than 2.0.10. phpBB contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate user-supplied input in the 'searchauthor' parameter. This version is also vulnerable to a HTTP respon...

5CVSS6.2AI score0.02223EPSS

Exploits2References1

OpenVAS•added 2005/11/03 12:0 a.m.•64 views

IdealBB multiple flaws

The remote host is running IdealBB, a web based bulletin board written in ASP. The remote version of this software is vulnerable to multiple flaws: SQL injection, cross-site scripting and HTTP response splitting vulnerabilities. OpenVAS Vulnerability Test $Id: idealbbmultipleflaws.nasl 5786...

7.5CVSS0.1AI score0.01336EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by