2442 matches found
CVE-2005-0175
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack...
[SECURITY] [DSA 667-1] New squid packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 667-1 [email protected] http://www.debian.org/security/ Martin Schulze February 4th, 2005 http://www.debian.org/security/faq -...
[SA14051] phpPgAds "dest" Parameter HTTP Response Splitting Vulnerability
TITLE: phpPgAds "dest" Parameter HTTP Response Splitting Vulnerability SECUNIA ADVISORY ID: SA14051 VERIFY ADVISORY: http://secunia.com/advisories/14051/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: phpPgAds 2.x http://secunia.com/product/4577/ DESCRIPTION: Te...
phpPGAds/phpAdNew < 2.0.2 HTTP Response Splitting
Binary data 2575.prm...
phpPgAds dest Parameter HTTP Response Splitting
There is a flaw in the remote phpPgAds/phpAdsNew, a banner management and tracking system written in PHP. This version of phpPgAds/phpAdsNew is affected by an HTTP response splitting vulnerability. An attacker, exploiting this flaw, would be able to redirect users to another site to perform anoth...
Two Vulnerabilities in ViewCVS
--------------------------------------------------------------------------- Two Vulnerabilities in ViewCVS --------------------------------------------------------------------------- Author: Jose Antonio Coret Joxean Koret Date: 2004 Location: Basque Country...
viewcvs.txt
--------------------------------------------------------------------------- Two Vulnerabilities in ViewCVS --------------------------------------------------------------------------- Author: Jose Antonio Coret Joxean Koret Date: 2004 Location: Basque Country...
CVE-2004-2146
CRLF injection vulnerability in PD9 Software MegaBBS 2 and 2.1 allows attackers to conduct HTTP response splitting attacks via the fid parameter in a writenew action to thread-post.asp...
CVE-2004-1470
CRLF injection vulnerability in SnipSnap 0.5.2a, and other versions before 1.0b1, allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server...
CVE-2004-1564
CRLF injection vulnerability in subscribethread.php in w-Agora 4.1.6a allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the thread parameter...
CVE-2004-1584
CRLF injection vulnerability in wp-login.php in WordPress 1.2 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the text parameter...
CVE-2004-2054
CRLF injection vulnerability in PhpBB 2.0.4 and 2.0.9 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via 1 the mode parameter to privmsg.php or 2 the redirect parameter to login.php...
CVE-2004-2208
CRLF injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to conduct HTTP response splitting attacks via unknown vectors...
CVE-2004-2512
CRLF injection vulnerability in calendar.php in DCP-Portal 5.3.2 and earlier allows remote attackers to conduct HTTP response splitting attacks to spoof web content and poison web caches via CRLF "%0d%0a" sequences in the PHPSESSID parameter...
CVE-2004-1507
CRLF injection vulnerability in login.php in WebCalendar allows remote attackers to inject CRLF sequences via the returnpath parameter and perform HTTP Response Splitting attacks to modify expected HTML content from the server...
CVE-2004-1584
CRLF injection vulnerability in wp-login.php in WordPress 1.2 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the text parameter...
CVE-2004-1516
CRLF injection vulnerability in index.php in phpWebSite 0.9.3-4 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the blockusername parameter in the user module...
ViewCVS < 1.0.0 HTTP Response Splitting
Binary data 2478.prm...
ViewCVS < 1.0.0 Multiple Vulnerabilities
The remote host is running ViewCVS, a tool to browse CVS repositories over the web written in python. Flaws in the remote version of this website may allow an attacker to launch cross-site scripting and/or HTTP response-splitting attacks against the remote install. %NASLMINLEVEL 70300 C Tenable...
GLSA-200411-35 : phpWebSite: HTTP response splitting vulnerability
The remote host is affected by the vulnerability described in GLSA-200411-35 phpWebSite: HTTP response splitting vulnerability Due to lack of proper input validation, phpWebSite has been found to be vulnerable to HTTP response splitting attacks. Impact : A malicious user could inject arbitrary...