Lucene search
K

9795 matches found

OSV
OSV
added 2010/12/06 8:12 p.m.9 views

CVE-2010-2761

The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...

6.6AI score
Exploits0References35
NVD
NVD
added 2010/12/06 8:12 p.m.26 views

CVE-2010-2761

The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...

4.3CVSS9.1AI score0.02713EPSS
Exploits0References35
OSV
OSV
added 2010/12/06 8:12 p.m.1 views

DEBIAN-CVE-2010-2761

The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...

4.3CVSS8.8AI score0.02713EPSS
Exploits0References1
CVE
CVE
added 2010/12/06 8:0 p.m.97 views

CVE-2010-2761

CVE-2010-2761 affects CGI.pm (before 3.50) and CGI::Simple (CGI::Simple 1.112 and earlier). The multipart_init function uses a hardcoded MIME boundary in multipart/x-mixed-replace, enabling remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via crafted input. Re...

4.3CVSS9AI score0.02713EPSS
Exploits0References35Affected Software2
CVE
CVE
added 2010/12/06 8:0 p.m.87 views

CVE-2010-4410

CGI.pm (before 3.50) and CGI::Simple (1.112 and earlier) expose a CRLF injection in the header function that allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via non-whitespace characters that follow newline characters. This is a separate issue from CVE...

4.3CVSS8.9AI score0.02045EPSS
Exploits0References24Affected Software2
Cvelist
Cvelist
added 2010/12/06 8:0 p.m.28 views

CVE-2010-4410

CRLF injection vulnerability in the header function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline...

9.1AI score0.02045EPSS
Exploits0References24
Debian CVE
Debian CVE
added 2010/12/06 8:0 p.m.35 views

CVE-2010-4410

CRLF injection vulnerability in the header function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline...

4.3CVSS9.2AI score0.02045EPSS
Exploits0
Debian CVE
Debian CVE
added 2010/12/06 8:0 p.m.34 views

CVE-2010-2761

The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...

4.3CVSS9.2AI score0.02713EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2010/12/06 12:0 a.m.31 views

CVE-2010-2761

The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...

4.3CVSS7.3AI score0.02713EPSS
Exploits0References4
securityvulns
securityvulns
added 2010/12/06 12:0 a.m.27 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

1.6AI score
Exploits0References12Affected Software5
UbuntuCve
UbuntuCve
added 2010/12/06 12:0 a.m.26 views

CVE-2010-4410

CRLF injection vulnerability in the header function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline...

4.3CVSS7.3AI score0.02045EPSS
Exploits0References4
securityvulns
securityvulns
added 2010/12/01 12:0 a.m.71 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

10CVSS1.6AI score0.65618EPSS
Exploits37References26Affected Software12
securityvulns
securityvulns
added 2010/11/30 12:0 a.m.39 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

1.6AI score
Exploits0References2Affected Software3
securityvulns
securityvulns
added 2010/11/28 12:0 a.m.46 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

1.6AI score
Exploits0References13Affected Software5
Exploit DB
Exploit DB
added 2010/11/24 12:0 a.m.35 views

SimpLISTic SQL 2.0 - 'email.cgi' Cross-Site Scripting

source: https://www.securityfocus.com/bid/45040/info SimpLISTic SQL is prone to a cross-site-scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user ...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2010/11/24 12:0 a.m.37 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

7.5CVSS1.6AI score0.00988EPSS
Exploits6References13Affected Software10
Packet Storm
Packet Storm
added 2010/11/23 12:0 a.m.21 views

Hot Links SQL report.cgi SQL Injection

New eVuln Advisory: report.cgi SQL inj in Hot Links SQL http://evuln.com/vulns/141/summary.html -----------Summary----------- eVuln ID: EV0141 Software: Hot Links SQL 3 Vendor: Mrcgiguy Version: 3.2.0 Critical Level: medium Type: SQL injection Status: Unpatched. No reply from developers PoC:...

0.1AI score
Exploits0
OpenVAS
OpenVAS
added 2010/11/23 12:0 a.m.23 views

Mandriva Update for perl-CGI MDVSA-2010:237 (perl-CGI)

Check for the Version of perl-CGI OpenVAS Vulnerability Test Mandriva Update for perl-CGI MDVSA-2010:237 perl-CGI Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

4.3CVSS0.1AI score0.02713EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2010/11/23 12:0 a.m.28 views

Mandriva Update for perl-CGI MDVSA-2010:237 (perl-CGI)

Check for the Version of perl-CGI OpenVAS Vulnerability Test Mandriva Update for perl-CGI MDVSA-2010:237 perl-CGI Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

4.3CVSS9.1AI score0.02713EPSS
Exploits0References2
securityvulns
securityvulns
added 2010/11/18 12:0 a.m.54 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

9.3CVSS1.6AI score0.1202EPSS
Exploits24References19Affected Software11
Rows per page
Query Builder