9795 matches found
CVE-2010-2761
The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...
CVE-2010-2761
The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...
DEBIAN-CVE-2010-2761
The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...
CVE-2010-2761
CVE-2010-2761 affects CGI.pm (before 3.50) and CGI::Simple (CGI::Simple 1.112 and earlier). The multipart_init function uses a hardcoded MIME boundary in multipart/x-mixed-replace, enabling remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via crafted input. Re...
CVE-2010-4410
CGI.pm (before 3.50) and CGI::Simple (1.112 and earlier) expose a CRLF injection in the header function that allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via non-whitespace characters that follow newline characters. This is a separate issue from CVE...
CVE-2010-4410
CRLF injection vulnerability in the header function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline...
CVE-2010-4410
CRLF injection vulnerability in the header function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline...
CVE-2010-2761
The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...
CVE-2010-2761
The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
CVE-2010-4410
CRLF injection vulnerability in the header function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
SimpLISTic SQL 2.0 - 'email.cgi' Cross-Site Scripting
source: https://www.securityfocus.com/bid/45040/info SimpLISTic SQL is prone to a cross-site-scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user ...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Hot Links SQL report.cgi SQL Injection
New eVuln Advisory: report.cgi SQL inj in Hot Links SQL http://evuln.com/vulns/141/summary.html -----------Summary----------- eVuln ID: EV0141 Software: Hot Links SQL 3 Vendor: Mrcgiguy Version: 3.2.0 Critical Level: medium Type: SQL injection Status: Unpatched. No reply from developers PoC:...
Mandriva Update for perl-CGI MDVSA-2010:237 (perl-CGI)
Check for the Version of perl-CGI OpenVAS Vulnerability Test Mandriva Update for perl-CGI MDVSA-2010:237 perl-CGI Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Mandriva Update for perl-CGI MDVSA-2010:237 (perl-CGI)
Check for the Version of perl-CGI OpenVAS Vulnerability Test Mandriva Update for perl-CGI MDVSA-2010:237 perl-CGI Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...