3718 matches found
Squid HTTP Header Injection Vulnerability
Squid Cache or Squid for short is a popular proxy server and web caching server software. A vulnerability in Squid's handling of HTTP responses with specially crafted headers allows attackers to exploit the vulnerability for HTTP response splitting attacks...
Cisco Ironport AsyncOS HTTP Header Injection Vulnerability
Cisco Ironport AsyncOS suffers from an HTTP header injection vulnerability. Cisco Ironport AsyncOS HTTP Header Injection Vendor: Cisco Product webpage: http://www.cisco.com Affected versions: Cisco Ironport ESA - AsyncOS 8.0.1-023 Cisco Ironport WSA - AsyncOS 8.5.5-021 Cisco Ironport SMA - AsyncO...
Cisco Ironport AsyncOS HTTP Header Injection
Cisco Ironport AsyncOS HTTP Header Injection Vendor: Cisco Product webpage: http://www.cisco.com Affected versions: Cisco Ironport ESA - AsyncOS 8.0.1-023 Cisco Ironport WSA - AsyncOS 8.5.5-021 Cisco Ironport SMA - AsyncOS 8.4.0-138 Date: 24/02/2015 Credits: Glafkos Charalambous CVE: CVE-2015-062...
CVE-2015-0624
The web framework in Cisco AsyncOS on Email Security Appliance ESA, Content Security Management Appliance SMA, and Web Security Appliance WSA devices allows remote attackers to trigger redirects via a crafted HTTP header, aka Bug IDs CSCur44412, CSCur44415, CSCur89630, CSCur89636, CSCur89633, and...
Design/Logic Flaw
The web framework in Cisco AsyncOS on Email Security Appliance ESA, Content Security Management Appliance SMA, and Web Security Appliance WSA devices allows remote attackers to trigger redirects via a crafted HTTP header, aka Bug IDs CSCur44412, CSCur44415, CSCur89630, CSCur89636, CSCur89633, and...
CVE-2015-0624
The web framework in Cisco AsyncOS on Email Security Appliance ESA, Content Security Management Appliance SMA, and Web Security Appliance WSA devices allows remote attackers to trigger redirects via a crafted HTTP header, aka Bug IDs CSCur44412, CSCur44415, CSCur89630, CSCur89636, CSCur89633, and...
CVE-2015-0624
Cisco AsyncOS web framework on ESA, SMA, and WSA is vulnerable to an HTTP header injection flaw due to insufficient validation of header values (notably Host/X-Forwarded-Host). A remote attacker can trigger redirects to arbitrary URLs by sending crafted HTTP headers, potentially aided by publicly...
CVE-2014-8911
Cross-site scripting XSS vulnerability in IBM Content Navigator 2.0.0 and 2.0.1 before 2.0.1.2 FP002 IF003 and 2.0.3 before 2.0.3.2 FP002 allows remote attackers to inject arbitrary web script or HTML via the Accept-Language HTTP header...
CVE-2014-8911
Cross-site scripting XSS vulnerability in IBM Content Navigator 2.0.0 and 2.0.1 before 2.0.1.2 FP002 IF003 and 2.0.3 before 2.0.3.2 FP002 allows remote attackers to inject arbitrary web script or HTML via the Accept-Language HTTP header...
Fortinet FortiWeb Multiple Vulnerabilities (FG-IR-13-009)
Fortinet FortiWeb is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:fortinet:fortiweb"; if...
Pivotal Software management plugin CRLF injection vulnerability
Pivotal Software RabbitMQ is a British company Pivotal Software's set of implementation of the Advanced Message Queuing Protocol AMQP open source message broker software. RabbitMQ management is one of the management plug-in . A CRLF injection vulnerability exists in the management plugin for...
OpenSchool Community Edition 2.2 XSS / Access Bypass
Exploit Title: OpenSchool Community Edition version 2.2 Multiple Vulnerabilities Date: 25 January 2015 Exploit Author: Mahendra Vendor Homepage: www.open-school.org Software Link: http://sourceforge.net/projects/fiyo-cms/ Full version demo: http://www.tryopenschool.com Version: 2.2 Tested : Kali...
Square: HTTP Header revealing server information.
Hi Square, - Vulneravility Class: OWASP A5: Security Misconfiguration - Proof of Concept: nc 74.122.190.83 80 GET / HTTP/1.1 host:1.1.1.1 HTTP/1.1 301 Moved Permanently Transfer-Encoding: chunked Connection: keep-alive Status: 301 Moved Permanently Location: https://squareup.com/ X-Powered-By:...
Firefox Meta Referrer A Move Toward Browser Privacy
The HTTP Referer header is a marketer’s dream, and a privacy nightmare all in one. The header contains tracking information that organizations can use for statistical traffic analysis and naturally to promote services to the right audience. It started out by including just the last page the user...
ALCASAR 'index.php' Crafted HTTP Header RCE
The ALCASAR network access controller hosted on the remote web server is affected by a remote code execution vulnerability due to not properly sanitizing user-supplied input to the 'host' HTTP header passed to the 'index.php' script. A remote, unauthenticated attacker can exploit this issue to...
CVE-2015-0219
Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 allows remote attackers to spoof WSGI headers by using an underscore character instead of a - dash character in an HTTP header, as demonstrated by an X-AuthUser header...
CVE-2015-0219
CVE-2015-0219 affects Django: WSGI headers can be spoofed when an underscore is used instead of a dash in HTTP header names (e.g., X-Auth_User). Affected versions are Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3. The root cause is unclear from the provided initial document, b...
Open redirect
Open redirect vulnerability in lib/Cake/Controller/Controller.php in AdaptCMS 3.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the HTTP Referer header...
Sierra Wireless AirCard 760S/762S/763S Mobile Hotspot CRLF Injection
Sierra Wireless AirCard 760S/762S/763S Mobile Hotspot CRLF Injection Overview Sierra Wireless produces a mobile wi-fi hotspot device that is popular amongst telecommunication companies for re-branding to suit local markets. The AirCard 760S/762S/763S Web-based Administrative Console suffers from ...
Authentication flaw
VDG Security SENSE formerly DIVA before 2.3.15 allows remote attackers to bypass authentication, and consequently read and modify arbitrary plugin settings, via an encoded : colon character in the Authorization HTTP header...