2442 matches found
CVE-2004-1687
Snitz Forums 2000 v3.4.04 has a CRLF injection vulnerability in down.asp that enables HTTP Response Splitting via the location parameter. This remote issue can alter the server's HTML output. OpenVAS data labels it as Snitz Forums 2000 HTTP Response Splitting. No explicit remediation/patch detai...
CVE-2004-1564
The CVE-2004-1564 entry concerns w-Agora 4.1.6a, where CRLF injection in subscribe_thread.php allows HTTP Response Splitting to alter server‑generated HTML content via the thread parameter. The vulnerability is caused by improper handling of input that can introduce CRLF sequences in HTTP headers...
CVE-2004-1656
CRLF injection vulnerability in Comersus Shopping Cart 5.0991 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the redirecturl parameter...
CVE-2004-1584
The CVE-2004-1584 entry maps to a CRLF/HTTP Response Splitting vulnerability in WordPress 1.2, exploitable via wp-login.php using the text parameter to modify server HTML output. Affected software is WordPress 1.2 (WordPress
CVE-2004-1584
CRLF injection vulnerability in wp-login.php in WordPress 1.2 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the text parameter...
WordPress <=1.2 - CRLF (Carriage Return Line Feed) injection
Because of this vulnerability in wp-login.php, attackers can perform HTTP Response Splitting attacks to modify expected HTML content from the server via the "text" parameter. Solution: Update WordPress to the latest available version, at least 1.2.1...
CVE-2004-1516
The CVE-2004-1516 entry corresponds to a CRLF injection (HTTP response splitting) vulnerability in phpWebSite 0.9.3-4, exploitable via the block_username parameter in the user module. The issue arises from insufficient input validation in the PHP application, enabling remote attackers to inject a...
CVE-2004-1516
CRLF injection vulnerability in index.php in phpWebSite 0.9.3-4 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the block_username parameter in the user module...
CVE-2004-1507
CRLF injection vulnerability in login.php in WebCalendar allows remote attackers to inject CRLF sequences via the return_path parameter and perform HTTP Response Splitting attacks to modify expected HTML content from the server...
CVE-2004-1507
CVE-2004-1507 describes a CRLF injection flaw in WebCalendar’s login.php that allows remote attackers to inject CRLF sequences via the return_path parameter, enabling HTTP Response Splitting to alter server HTML content. The NVD entry lists a network attack vector with no authentication, low comp...
CVE-2004-1470
CRLF injection vulnerability in SnipSnap 0.5.2a, and other versions before 1.0b1, allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server...
CVE-2004-1470
The CVE-2004-1470 entry covers a CRLF injection vulnerability in SnipSnap, affecting SnipSnap 0.5.2a and other versions before 1.0b1. The issue enables HTTP Response Splitting to alter the server’s HTML output. Impact details are limited to the vulnerability allowing manipulation of content; expl...
Debian DSA-667-1 : squid - several vulnerabilities
Several vulnerabilities have been discovered in Squid, the internet object cache, the popular WWW proxy cache. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: - CAN-2005-0173 LDAP is very forgiving about spaces in search filters and this could be abused...
USN-77-1: Squid vulnerabilities
A possible authentication bypass was discovered in the LDAP authentication backend. LDAP ignores leading and trailing whitespace in search filters. This could possibly be abused to bypass explicit access controls or confuse accounting when using several variants of the login name. CAN-2005-0173...
CVE-2005-0175
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack...
DEBIAN-CVE-2005-0175
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack...
CVE-2005-0175
CVE-2005-0175 affects the Squid proxy. The provided description states that Squid versions from 2.5 up to 2.5.STABLE7 are vulnerable to an HTTP response splitting flaw that enables remote attackers to poison the cache. The underlying issue is a mis-handling of HTTP responses that allows injection...