2442 matches found
UBB.threads < 6.5.2 beta Multiple Vulnerabilities
The remote host is running a version of UBB.threads that suffers from multiple vulnerabilities due to insufficient input validation - local file inclusion, HTTP response splitting, SQL injection, and cross-site scripting. These flaws may allow an attacker to completely compromise the affected...
CVE-2005-1180
HTTP Response Splitting vulnerability in the Surveys module in PHP-Nuke 7.6 allows remote attackers to spoof web content and poison web caches via hex-encoded CRLF "%0d%0a" sequences in the forwarder parameter...
CVE-2005-1180
Technical details about CVE-2005-1180 are not publicly provided in the supplied connected documents. The records here restate the vulnerability description without additional specifics on affected versions, fixes, or exploit information. Monitor for updates.
PHP-Nuke 7.6 Surveys Module - HTTP Response Splitting
source: https://www.securityfocus.com/bid/13201/info PHP-Nuke is prone to a HTTP response splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote attacker may exploit this vulnerability to influence or misrepresent how Web...
SqWebMail 3.x/4.0 - HTTP Response Splitting
source: https://www.securityfocus.com/bid/13374/info SQWebmail is prone to a HTTP response splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote attacker may exploit this vulnerability to influence or misrepresent how Web...
SqWebMail 3.x4.0 - HTTP Response Splitting
SqWebMail 3.x4.0 - HTTP Response Splitting source: https://www.securityfocus.com/bid/13374/info SQWebmail is prone to a HTTP response splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote attacker may exploit this vulnerabili...
PHP-Nuke 7.6 Surveys Module - HTTP Response Splitting
PHP-Nuke 7.6 Surveys Module - HTTP Response Splitting source: https://www.securityfocus.com/bid/13201/info PHP-Nuke is prone to a HTTP response splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote attacker may exploit this...
[SA14879] Lotus Notes/Domino Multiple Vulnerabilities
---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: Lotus Notes/Domino Multiple Vulnerabilities SECUNIA...
CVE-2005-0843
CVE-2005-0843 : In Phorum 5.0.14a, the file search.php is vulnerable to a CRLF injection via the body parameter, which is included in the HTTP Location header. This allows remote attackers to perform HTTP response splitting. The issue is documented in multiple sources (NVD entry for CVE-2005-0843...
CVE-2005-0843
CRLF injection vulnerability in search.php in Phorum 5.0.14a allows remote attackers to perform HTTP Response Splitting attacks via the body parameter, which is included in the resulting Location header...
phorumSplit.txt
Positive Technologies SA-20050322 Phorum "location" HTTP Response Splitting Vulnerability. Release Date: 03/22/2005 Date Reported: 03/10/2005 Severity: Medium Application: Phorum Platform: PHP Vendor: http://www.phorum.org Affects versions: 5.0.14a Other versions may also be affected. I. BACKGROU...
Phorum 3.x5.0.x - HTTP Response Splitting
Phorum 3.x5.0.x - HTTP Response Splitting source: https://www.securityfocus.com/bid/12869/info A remote HTTP response splitting vulnerability reportedly affects Phorum. This issue is due to a failure of the application to properly sanitize user-supplied input. A remote attacker may exploit this...
[ Positive Technologies #SA] Phorum "location" HTTP Response Splitting Vulnerability
Positive Technologies SA-20050322 Phorum "location" HTTP Response Splitting Vulnerability. Release Date: 03/22/2005 Date Reported: 03/10/2005 Severity: Medium Application: Phorum Platform: PHP Vendor: http://www.phorum.org Affects versions: 5.0.14a Other versions may also be affected. I. BACKGROU...
Phorum 3.x/5.0.x - HTTP Response Splitting
source: https://www.securityfocus.com/bid/12869/info A remote HTTP response splitting vulnerability reportedly affects Phorum. This issue is due to a failure of the application to properly sanitize user-supplied input. A remote attacker may exploit this vulnerability to influence or misrepresent...
CVE-2004-1620
CRLF injection vulnerability in Serendipity before 0.7rc1 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the url parameter in 1 index.php and 2 exit.php, or 3 the HTTP Referer field in comment.php...
CVE-2004-1584
CRLF injection vulnerability in wp-login.php in WordPress 1.2 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the text parameter...
CVE-2004-1620
CVE-2004-1620: Serendipity before 0.7rc1 has a CRLF injection (HTTP Response Splitting) allowing remote attackers to modify server HTML content via the url parameter in index.php and exit.php, or via the HTTP Referer header in comment.php. The vulnerability is exploitable remotely over the networ...
CVE-2004-1656
CRLF injection in Comersus Shopping Cart 5.0991 allows remote attackers to perform HTTP Response Splitting via the redirecturl parameter, enabling modification of server HTML content. Root cause is CRLF handling in the redirecturl flow; vulnerable component is the redirecturl parameter processing...
CVE-2004-1687
CRLF injection vulnerability in down.asp for Snitz Forums 2000 3.4.04 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the location parameter...
CVE-2004-1564
CRLF injection vulnerability in subscribethread.php in w-Agora 4.1.6a allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the thread parameter...