Lucene search: 3703 matches found
Prion | added 2007/03/10 10:19 p.m. | 15 views
Design/Logic Flaw

Trac before 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attachment in certain "unsafe" situations, which has unknown impact and remote attack vectors...

CVSS 10 | AI score 6.9 | EPSS 0.00507 | Exploits 0 | References 1 | Affected software 1
CVE | added 2007/03/10 10:00 p.m. | 50 views
CVE-2007-1406

CVE-2007-1406 affects Trac before 0.10.3.1. The issue is that Trac did not send a Content-Disposition HTTP header specifying an attachment in certain “unsafe” situations, with the impact and remote attack vectors described as unknown in the sources. The connected records confirm Trac’s version ga...

CVSS 10 | AI score 6.5 | EPSS 0.00507 | Exploits 0 | References 1 | Affected software 1
Debian CVE | added 2007/03/10 10:00 p.m. | 19 views
CVE-2007-1406

Trac before 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attachment in certain "unsafe" situations, which has unknown impact and remote attack vectors...

CVSS 10 | AI score 5.8 | EPSS 0.00507 | Exploits 0
Cvelist | added 2007/03/10 10:00 p.m. | 22 views
CVE-2007-1406

Trac before 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attachment in certain "unsafe" situations, which has unknown impact and remote attack vectors...

AI score 6.5 | EPSS 0.00507 | Exploits 0 | References 1
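The four Trac records above all describe the same gap: an uploaded file served without a Content-Disposition header telling the browser to download it, so that in some situations the browser renders it inside the application's origin. The following is an added Python example, not Trac's code, showing how a file-serving endpoint can build the response headers defensively: force `attachment` for content types a browser would interpret as markup or script when shown inline, sanitise the (attacker-chosen) file name, encode non-ASCII names in the RFC 6266 / RFC 5987 form, and add `X-Content-Type-Options: nosniff`. The set of render-unsafe types and the helper names are assumptions made for the example.

```python
import posixpath
import urllib.parse

# Content types a browser will interpret (and run script from) if shown inline.
# Assumed list for this example; extend it to whatever types your application stores.
RENDER_UNSAFE_TYPES = {
    "text/html", "application/xhtml+xml", "image/svg+xml",
    "text/xml", "application/xml",
}


def _quoted(s):
    """Escape a string for an RFC 6266 quoted-string (backslash and double quote)."""
    return s.replace("\\", "\\\\").replace('"', '\\"')


def content_disposition(filename, inline=False):
    """Build a Content-Disposition value for a possibly attacker-chosen file name."""
    # Drop directory components and control characters, so the name can carry neither
    # a path nor a CR/LF that would end the header line.
    name = posixpath.basename(filename.replace("\\", "/"))
    name = "".join(ch for ch in name if ch >= " " and ch != "\x7f") or "download"
    disposition = "inline" if inline else "attachment"
    if name.isascii():
        return f'{disposition}; filename="{_quoted(name)}"'
    # Non-ASCII name: ASCII fallback for old clients plus the RFC 5987 encoded form.
    fallback = name.encode("ascii", "replace").decode("ascii")
    encoded = urllib.parse.quote(name, safe="")
    return f"{disposition}; filename=\"{_quoted(fallback)}\"; filename*=UTF-8''{encoded}"


def attachment_headers(filename, content_type, want_inline):
    """Headers for serving a stored file.

    want_inline is the caller's preference; it is honoured only when the media type
    cannot be rendered as active content in the application's origin."""
    media_type = content_type.split(";", 1)[0].strip().lower()
    inline = want_inline and media_type not in RENDER_UNSAFE_TYPES
    return {
        "Content-Type": content_type,
        "Content-Disposition": content_disposition(filename, inline=inline),
        # Stop the browser from sniffing a "text/plain" upload into text/html.
        "X-Content-Type-Options": "nosniff",
    }


if __name__ == "__main__":
    # Constructed sample uploads: a benign image, an HTML file, a path-traversal name
    # with a quote in it, and a non-ASCII name.
    samples = [
        ("photo.png", "image/png"),
        ("page.html", "text/html; charset=utf-8"),
        ('../../a"b.txt', "text/plain"),
        ("r\u00e9sum\u00e9.pdf", "application/pdf"),
    ]
    for fn, ct in samples:
        print(fn, "->", attachment_headers(fn, ct, want_inline=True)["Content-Disposition"])
```

The decisive rule is that `want_inline` never overrides the type check: a request parameter asking for inline display of `text/html` still yields `attachment`. The `nosniff` header closes the remaining gap where a browser would ignore a declared `text/plain` type and render the body as HTML.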
Prion | added 2007/03/03 9:19 p.m. | 14 views
Stack overflow

Stack-based buffer overflow in the connectHandle function in server.cpp in WebMod 0.48 allows remote attackers to execute arbitrary code via a long string in the Content-Length HTTP header...

CVSS 7.5 | AI score 8.7 | EPSS 0.23405 | Exploits 1 | References 6 | Affected software 1
Cvelist | added 2007/03/03 9:00 p.m. | 19 views
CVE-2007-1260

Stack-based buffer overflow in the connectHandle function in server.cpp in WebMod 0.48 allows remote attackers to execute arbitrary code via a long string in the Content-Length HTTP header...

AI score 8 | EPSS 0.23405 | Exploits 1 | References 6
Prion | added 2007/02/16 1:28 a.m. | 9 views
Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Jupiter CMS 1.1.5 allow remote attackers to inject arbitrary web script or HTML via the Referer HTTP header and certain other HTTP headers, which are displayed without proper sanitization when an administrator performs a Logged Gue...

CVSS 6.8 | AI score 6 | EPSS 0.0192 | Exploits 1 | References 7 | Affected software 1
Cvelist | added 2007/02/16 1:00 a.m. | 15 views
CVE-2007-0973

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Jupiter CMS 1.1.5 allow remote attackers to inject arbitrary web script or HTML via the Referer HTTP header and certain other HTTP headers, which are displayed without proper sanitization when an administrator performs a Logged Gue...

AI score 5.8 | EPSS 0.0192 | Exploits 1 | References 7
NVD | added 2007/02/15 2:28 a.m. | 9 views
CVE-2006-7013

QueryString.php in Simple Machines Forum (SMF) 1.0.7 and earlier, and 1.1rc2 and earlier, allows remote attackers to more easily spoof the IP address and evade banning via a modified X-Forwarded-For HTTP header, which is preferred instead of other more reliable sources for the IP address. NOTE: the...

CVSS 7.5 | AI score 6.6 | EPSS 0.01059 | Exploits 0 | References 3
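The SMF record turns on which source of the client address an application trusts: X-Forwarded-For is a plain request header, so a client that reaches the application directly can set it to anything, and a client behind a proxy can prepend forged hops to it. The following is an added Python example, not SMF's code, showing the naive lookup (prefer X-Forwarded-For whenever it is present) beside a resolver that only honours the entries appended by the application's own reverse proxies. The proxy addresses, the header dictionary shape and the sample requests are assumptions constructed for the example.

```python
import ipaddress

# Reverse proxies we operate. Only X-Forwarded-For entries appended by them are trusted.
# Assumed addresses for this example.
TRUSTED_PROXIES = {ipaddress.ip_address("10.0.0.5"), ipaddress.ip_address("10.0.0.6")}


def naive_client_ip(remote_addr, headers):
    """The SMF-style lookup: if the request carries X-Forwarded-For, believe its first entry."""
    xff = headers.get("X-Forwarded-For", "")
    if xff.strip():
        return xff.split(",")[0].strip()
    return remote_addr


def client_ip(remote_addr, headers):
    """Resolve the client address, trusting X-Forwarded-For only as far as our proxies go.

    Returns None when a trusted proxy handed us a malformed chain (fail closed rather
    than banning or exempting a guessed address)."""
    peer = ipaddress.ip_address(remote_addr)
    if peer not in TRUSTED_PROXIES:
        # Direct connection: the TCP peer is the client, whatever the header claims.
        return str(peer)
    hops = [h.strip() for h in headers.get("X-Forwarded-For", "").split(",") if h.strip()]
    # Each of our proxies appends exactly one entry, so walk from the right and stop at
    # the first address that is not one of ours: that is the peer seen by the outermost
    # proxy. Everything further left was supplied by the client and may be forged.
    for hop in reversed(hops):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            return None
        if addr not in TRUSTED_PROXIES:
            return str(addr)
    # Header absent, or every hop was ours (e.g. a proxy health check): use the peer.
    return str(peer)


if __name__ == "__main__":
    # Constructed requests: an attacker connecting directly with a forged header, and a
    # client behind both proxies who prepended a forged hop.
    direct = ("203.0.113.9", {"X-Forwarded-For": "198.51.100.1"})
    proxied = ("10.0.0.6", {"X-Forwarded-For": "198.51.100.1, 203.0.113.9, 10.0.0.5"})
    for remote_addr, headers in (direct, proxied):
        print("naive:", naive_client_ip(remote_addr, headers),
              " hardened:", client_ip(remote_addr, headers))
```

The walk from the right is what defeats spoofing: the forged entries sit at the left end of the chain, and the resolver never gets that far because it stops at the first address that was not appended by one of its own proxies. A ban list keyed on the hardened value therefore cannot be evaded by editing the header.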
exploitpack | added 2007/02/14 12:00 a.m. | 12 views
Jupiter CMS 1.1.5 - Client-IP SQL Injection

Jupiter CMS 1.1.5 - Client-IP SQL Injection
URL: http://www.acid-root.new.fr/advisories/12070214.txt
error_reporting(E_ALL ^ E_NOTICE); $url = 'http://localhost/jupiter/'; $xpl = new phpsploit; $xpl->agent("Mozilla"); $hev = "-1' UNION SELECT CONCAT'" ."BEGINXPLUSER'," ."SELECT username FROM users LIMI...

AI score 0.1 | Exploits 0
NVD | added 2007/02/09 1:28 a.m. | 22 views
CVE-2006-6986

Cross-domain vulnerability in PhaseOut 5.4.4 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which...

CVSS 7.8 | AI score 5.9 | EPSS 0.00522 | Exploits 0 | References 1
NVD | added 2007/02/09 1:28 a.m. | 19 views
CVE-2006-6990

Cross-domain vulnerability in Enigma Browser 3.8.8 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site,...

CVSS 7.8 | AI score 5.9 | EPSS 0.00461 | Exploits 0 | References 1
Cvelist | added 2007/02/09 1:00 a.m. | 27 views
CVE-2006-6989

Cross-domain vulnerability in NetCaptor 4.5.7 Personal Edition allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the...

AI score 5.9 | EPSS 0.00522 | Exploits 0 | References 1
CVE | added 2007/02/09 1:00 a.m. | 41 views
CVE-2006-6983

CVE-2006-6983 documents a cross-domain information disclosure in MYweb4net Browser 3.8.8.0. The vulnerability arises from an object tag with a data parameter referencing a link that points to a Location header on the attacker's site, allowing the target content to be exposed via the outerHTML att...

CVSS 5 | AI score 5.9 | EPSS 0.00306 | Exploits 0 | References 1 | Affected software 1
Cvelist | added 2007/02/09 1:00 a.m. | 24 views
CVE-2006-6991

Cross-domain vulnerability in Fast Browser Pro 8.1 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site,...

AI score 5.9 | EPSS 0.00461 | Exploits 0 | References 1
Prion | added 2007/02/07 11:28 a.m. | 19 views
Cross site scripting

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion web server allows remote attackers to inject arbitrary HTML or web script via the User-Agent HTTP header, which is not sanitized before being displayed in an error page...

CVSS 4.3 | AI score 6.2 | EPSS 0.04251 | Exploits 0 | References 7 | Affected software 1
Prion | added 2007/02/06 2:28 a.m. | 11 views
Design/Logic Flaw

EQdkp 1.3.1 and earlier authenticates administrative requests by verifying that the HTTP Referer header specifies an admin/ URL, which allows remote attackers to read or modify account names and passwords via a spoofed Referer...

CVSS 7.5 | AI score 7 | EPSS 0.06544 | Exploits 1 | References 5 | Affected software 1
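The EQdkp record describes an authentication decision made on the Referer header, which the requesting client sets freely. The following is an added Python example, not EQdkp's code, placing that check beside a replacement that authorises administrative actions from server-side state only: a session whose role is admin, plus a per-session token the form must echo back so that a cross-site request carrying the session cookie still fails. The in-memory session store and the cookie and form field names are assumptions made for the example.

```python
import hmac
import secrets

# In-memory session store for the example: session id -> session data. Assumed design;
# a real deployment keeps this in a server-side store, never in the request.
SESSIONS = {}


def is_admin_by_referer(headers):
    """EQdkp-style check: any client can send 'Referer: http://host/admin/'."""
    return "admin/" in headers.get("Referer", "")


def login(username, role):
    """Create a server-side session and return its id (sent to the client as a cookie)."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {"user": username, "role": role, "csrf": secrets.token_urlsafe(32)}
    return sid


def csrf_token(sid):
    """Token the admin pages embed in their forms; another origin cannot read it."""
    return SESSIONS[sid]["csrf"]


def is_admin_request(cookies, form):
    """Authorise an admin action from state the client cannot forge.

    No request header is consulted: the role comes from the session the cookie names,
    and the token in the form proves the request was built by our own admin page."""
    session = SESSIONS.get(cookies.get("sid", ""))
    if session is None or session["role"] != "admin":
        return False
    # The browser attaches the cookie to cross-site requests too, so additionally
    # require the per-session token from the submitted form (constant-time compare).
    return hmac.compare_digest(session["csrf"], form.get("csrf", ""))


if __name__ == "__main__":
    # Constructed requests: a forged Referer with no session, then a real admin session
    # with and without the form token.
    forged = {"Referer": "http://example.org/admin/index.php"}
    print("referer check, no session:", is_admin_by_referer(forged))
    print("hardened check, no session:", is_admin_request({}, {}))
    sid = login("alice", "admin")
    print("hardened, admin + token:", is_admin_request({"sid": sid}, {"csrf": csrf_token(sid)}))
    print("hardened, admin, no token:", is_admin_request({"sid": sid}, {}))
```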
Japan Vulnerability Notes | added 2007/01/25 12:00 a.m. | 21 views
JVN#05088443 CGI RESCUE WebFORM vulnerable to HTTP header injection

Impact: Falsified information may be displayed or an arbitrary script may be executed on the user's web browser.
Products Affected: WebFORM 4.3 and earlier. According to the vendor's website, "Web Mailer" released from CGI RESCUE also contains a similar vulnerability...

AI score 6.9 | Exploits 0
securityvulns | added 2007/01/25 12:00 a.m. | 97 views
[SA23913] CGI Rescue WebFORM Cross-Site Scripting and HTTP Header Injection

TITLE: CGI Rescue WebFORM Cross-Site Scripting and HTTP Header Injection
SECUNIA ADVISORY ID: SA23913
VERIFY ADVISORY: http://secunia.com/advisories/23913/
CRITICAL: Less critical
IMPACT: Cross Site Scripting
WHERE: From remote
SOFTWARE: WebFORM 4.x http://secunia.com/product/10398/
DESCRIPTION: ...

AI score 0.8 | Exploits 0
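The two WebFORM records describe HTTP header injection: a request parameter is copied into a response header, and a value containing CR LF ends that header line and lets the sender append further headers, or an empty line and a body of its own. The following is an added Python example, neither WebFORM's nor Secunia's code, showing a redirect built by string concatenation, what a client-side split of the resulting response yields, and a hardened builder that refuses control characters. The payload and the small response parser are constructed for the example.

```python
CRLF = "\r\n"


def redirect_vulnerable(target):
    """Builds the response by pasting the user-supplied target into the Location line."""
    return "HTTP/1.1 302 Found" + CRLF + "Location: " + target + CRLF + CRLF


def parse_response(raw):
    """Minimal parser that splits a raw response the way an HTTP client does:
    status line, one header per CRLF-terminated line, body after the first blank line."""
    head, _, body = raw.partition(CRLF + CRLF)
    status, *lines = head.split(CRLF)
    headers = {}
    for line in lines:
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return status, headers, body


def is_safe_header_value(value):
    """A header value may not contain CR, LF or NUL: CR/LF end the line (or, doubled,
    the whole header block) and NUL truncates the value in some C-based servers."""
    return not any(ch in value for ch in "\r\n\x00")


def redirect_hardened(target):
    """Same response, but the value is validated before it reaches the header line."""
    if not is_safe_header_value(target):
        raise ValueError("refusing header value containing CR, LF or NUL")
    return "HTTP/1.1 302 Found" + CRLF + "Location: " + target + CRLF + CRLF


# Constructed payload: closes the Location header, plants a cookie, then ends the
# header block so the remainder is delivered to the browser as the response body.
PAYLOAD = ("/thanks.html" + CRLF
           + "Set-Cookie: session=attacker" + CRLF + CRLF
           + "<script>alert(document.cookie)</script>")


if __name__ == "__main__":
    status, headers, body = parse_response(redirect_vulnerable(PAYLOAD))
    print(status)
    print(headers)
    print("body:", body.strip())
    try:
        redirect_hardened(PAYLOAD)
    except ValueError as err:
        print("hardened builder:", err)
```

Rejecting is the right default for a redirect target; percent-encoding is the alternative when the characters must survive in the value. Python's own `http.client` applies the same rule and raises `ValueError` for a header value containing CR or LF.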
NVD | added 2006/12/21 7:28 p.m. | 13 views
CVE-2006-6684

Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd before 2.4 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long X-Forwarded-For HTTP header. NOTE: The provenance of this information is unknown; the details are obtained...

CVSS 7.5 | AI score 8.1 | EPSS 0.0192 | Exploits 0 | References 3