Lucene search
K

5 matches found

CVE
CVE
added 2015/10/29 8:0 p.m.70 views

CVE-2015-5285

CVE-2015-5285 affects Kallithea, a web-based source code management system. The vulnerability is a CRLF/HTTP header injection in the came_from parameter of the _admin/login page, enabling an attacker to inject arbitrary HTTP headers and perform HTTP response splitting. Documented affected version...

5CVSS6.8AI score0.06039EPSS
Exploits6References4Affected Software1
exploitpack
exploitpack
added 2015/10/08 12:0 a.m.30 views

Kallithea 0.2.9 - came_from HTTP Response Splitting

Kallithea 0.2.9 - camefrom HTTP Response Splitting Kallithea 0.2.9 camefrom HTTP Response Splitting Vulnerability Vendor: Kallithea Product web page: https://www.kallithea-scm.org Version affected: 0.2.9 and 0.2.2 Summary: Kallithea, a member project of Software Freedom Conservancy, is a GPLv3'd,...

5CVSS6.5AI score0.06039EPSS
Exploits6
0day.today
0day.today
added 2015/10/08 12:0 a.m.66 views

Kallithea 0.2.9 HTTP Response Splitting Vulnerability

Kallithea suffers from a HTTP header injection response splitting vulnerability because it fails to properly sanitize user input before using it as an HTTP header value via the GET 'camefrom' parameter in the login instance. This type of attack not only allows a malicious user to control the...

5CVSS6.6AI score0.06039EPSS
Exploits6
Packet Storm
Packet Storm
added 2015/10/08 12:0 a.m.36 views

Kallithea 0.2.9 HTTP Response Splitting

Kallithea 0.2.9 camefrom HTTP Response Splitting Vulnerability Vendor: Kallithea Product web page: https://www.kallithea-scm.org Version affected: 0.2.9 and 0.2.2 Summary: Kallithea, a member project of Software Freedom Conservancy, is a GPLv3'd, Free Software source code management system that...

5CVSS6.5AI score0.06039EPSS
Exploits6
Exploit DB
Exploit DB
added 2015/10/08 12:0 a.m.46 views

Kallithea 0.2.9 - 'came_from' HTTP Response Splitting

Kallithea 0.2.9 camefrom HTTP Response Splitting Vulnerability Vendor: Kallithea Product web page: https://www.kallithea-scm.org Version affected: 0.2.9 and 0.2.2 Summary: Kallithea, a member project of Software Freedom Conservancy, is a GPLv3'd, Free Software source code management system that...

5CVSS6.4AI score0.06039EPSS
Exploits6
Rows per page
Query Builder