9 matches found
EUVD-2020-22117
Malware in sbrugna...
EUVD-2018-10878
Malware in sbrugna...
CVE-2019-17240
bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection mechanism by using many different forged X-Forwarded-For or Client-IP HTTP headers...
CVE-2025-43954
QMarkdown aka quasar-ui-qmarkdown before 2.0.5 allows XSS via headers even when no-html is set...
CVE-2025-30090
mime.php in SquirrelMail through 1.4.23-svn-20250401 and 1.5.x through 1.5.2-svn-20250401 allows XSS via e-mail headers, because JavaScript payloads are mishandled after $encoded has been set to true...
Linux Distros Unpatched Vulnerability : CVE-2017-6508
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - CRLF injection vulnerability in the urlparse function in url.c in Wget through 1.19.1 allows remote attackers to inject arbitrary HTTP headers via CRLF sequence...
CVE-2025-25200
A denial of service flaw was found in the koa library. An improperly designed regex is used to parse some specific HTTP headers. If untrusted requests are passed to koa, it can cause excessive resource usage on the server...
dasBlog Multiple HTTP Headers HTML Injection
Microsoft Internet Explorer 5.0.1/6.0 - Content-Disposition Handling File Execution
source: https://www.securityfocus.com/bid/4752/info An issue exists in the way Microsoft Internet Explorer handles conflicting information in some HTTP headers used to describe non-HTML content. A malicious web server may provide content with misleading values in the content-type and...