PHP vulnerabilities of the session session hijacking-vulnerability warning-the black bar safety net

This article mainly introduced for the PHP website, Session hijacking. session hijacking is a more complex attack methods. Most of the Internet on the computer more there is to attack danger. This is a hijacking of the tcp Protocol, so almost all of the LAN, there is the hijacking possible. The...

CVE-2013-0272

Buffer overflow in http.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.7 allows remote servers to execute arbitrary code via a long HTTP header...

Edimax EW-7206-APg and EW-7209APg - Multiple Vulnerabilities

Edimax EW-7206-APg and EW-7209APg - Multiple Vulnerabilities Device Name: EW-7206APg / EW-7209APg Vendor: Edimax ============ Vulnerable Firmware Releases: ============ Device: EW-7206APg Hardware Version Rev. A Runtime Code Version v1.32 Runtime Code Version V1.33 Device: EW-7209APg Hardware...

Edimax EW-7206APg / EW-7209APg Redirection / XSS / Header Injection

Device Name: EW-7206APg / EW-7209APg Vendor: Edimax ============ Vulnerable Firmware Releases: ============ Device: EW-7206APg Hardware Version Rev. A Runtime Code Version v1.32 Runtime Code Version V1.33 Device: EW-7209APg Hardware Version Rev. A Runtime Code Version 1.21 Runtime Code Version 1....

Edimax EW-7206-APg and EW-7209APg - Multiple Vulnerabilities

Acting as a bridge between the wired Ethernet and the 2.4GHz IEEE 802.11g/b wireless LAN, this wireless LAN access point can let your wireless LAN client stations access both the wired and the wireless network nodes. EW-7206APg:...

Edimax EW-7206-APg and EW-7209APg - Multiple Vulnerabilities

Device Name: EW-7206APg / EW-7209APg Vendor: Edimax ============ Vulnerable Firmware Releases: ============ Device: EW-7206APg Hardware Version Rev. A Runtime Code Version v1.32 Runtime Code Version V1.33 Device: EW-7209APg Hardware Version Rev. A Runtime Code Version 1.21 Runtime Code Version 1....

Active Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability (Windows)

The host is installed with Active Perl and is prone to HTTP header injection vulnerability. OpenVAS Vulnerability Test $Id: gbactiveperlcgipmmoduleheaderinjevulnwin.nasl 6086 2017-05-09 09:03:30Z teissa $ Active Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability Windows Author...

Strawberry Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability (Windows)

The host is installed with Strawberry Perl and is prone to HTTP header injection vulnerability. OpenVAS Vulnerability Test $Id: gbperlcgipmmoduleheaderinjevulnwin.nasl 6074 2017-05-05 09:03:14Z teissa $ Strawberry Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability Windows...

Strawberry Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability - Windows

Strawberry Perl is prone to HTTP header injection vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Active Perl CGI.pm 'Set-Cookie' and 'P3P' HTTP Header Injection Vulnerability - Windows

Active Perl is prone to HTTP header injection vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Perforce P4web 2011/2012 Web Client XSS Vulnerability

Exploit for php platform in category web applications Exploit Title: Perforce P4web 2011/2012 Web Client XSS Vulnerability Date: 21 Jan 2013 Researcher: Christy Philip Mathew Email: email protected Vendor or Software Link: http://filehost.perforce.com/perforce/r11.1/bin.ntx86/p4webinst.exe...

CVE-2012-6452 Axway Secure Messenger Username Disclosure

Product: Axway Email Firewall Component: Secure Messenger Vendor: Axway Vulnerable Versions: 6.5 and earlier on the Email Firewall EMF platform only Tested Version: 6.3.2 Build 4230 Vendor Notification: December 8, 2012 Vendor Patch: Secure Messenger version 6.5.0 Updated Release 7 Public...

CVE-2012-5875

Firefly Media Server 1.0.0.1359 allows remote attackers to cause a denial of service NULL pointer dereference via a 1 crafted Connection HTTP header; a return carriage control character in the 2 Accept Language header, 3 User-agent header, 4 Host header, or 5 protocol version; or a 6 crafted HTTP...

httpd: mod_negotiation CRLF injection via untrusted file names in directories with MultiViews enabled

CRLF injection vulnerability in the modnegotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP respons...

CVE-2012-6369

Cross-site scripting XSS vulnerability in the Troubleshooting Reporting System feature in AgileBits 1Password 3.9.9 might allow remote attackers to inject arbitrary web script or HTML via a crafted User-Agent HTTP header that is not properly handled in a View Troubleshooting Report action...

CVE-2012-6369

Cross-site scripting XSS vulnerability in the Troubleshooting Reporting System feature in AgileBits 1Password 3.9.9 might allow remote attackers to inject arbitrary web script or HTML via a crafted User-Agent HTTP header that is not properly handled in a View Troubleshooting Report action...

FireFly Mediaserver 1.0.0.1359 - Null Pointer Dereference

Advisory ID: HTB23129 Product: FireFly Mediaserver Vendor: FireFly Vulnerable Versions: 1.0.0.1359 and probably prior Tested Version: 1.0.0.1359 in Windows 7 SP1 Vendor Notification: November 21, 2012 Public Disclosure: December 19, 2012 Vulnerability Type: NULL Pointer Dereference CWE-476 CVE...

FireFly Mediaserver 1.0.0.1359 - Null Pointer Dereference

FireFly Mediaserver 1.0.0.1359 - Null Pointer Dereference Advisory ID: HTB23129 Product: FireFly Mediaserver Vendor: FireFly Vulnerable Versions: 1.0.0.1359 and probably prior Tested Version: 1.0.0.1359 in Windows 7 SP1 Vendor Notification: November 21, 2012 Public Disclosure: December 19, 2012...

Firefly MediaServer HTTP Header Multiple DoS Vulnerabilities

This host is running Firefly MediaServer and is prone to multiple denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: gbfireflymediaservermultdosvuln.nasl 5841 2017-04-03 12:46:41Z cfi $ Firefly MediaServer HTTP Header Multiple DoS Vulnerabilities Authors: Rachana Shetty Copyright:...

FireFly Mediaserver 1.0.0.1359 NULL Pointer Dereference

FireFly Mediaserver version 1.0.0.1359 suffers from a denial of service vulnerability that can be triggered by a NULL pointer dereference. Product: FireFly Mediaserver Vendor: FireFly Vulnerable Versions: 1.0.0.1359 and probably prior Tested Version: 1.0.0.1359 in Windows 7 SP1 Vendor Notificatio...