3 matches found
CVE-2026-43966 HTTP Response Splitting via Non-VCHAR Bytes in cow_http_struct_hd:escape_string/2
Improper Neutralization of CRLF Sequences in HTTP Headers 'HTTP Request/Response Splitting' vulnerability in ninenines cowlib allows HTTP response splitting via non-VCHAR bytes in structured-fields string values. cowhttpstructhd:escapestring/2 in cowlib only escapes \ and ", passing all other byt...
PT-2026-20804
Execution After Redirect EAR, Missing Authentication for Critical Function vulnerability in Inrove Software and Internet Services BiEticaret CMS allows Authentication Bypass, HTTP Response Splitting.This issue affects BiEticaret CMS: from 2.1.13 through 19022026. NOTE: The vendor was contacted...
Promise Technology WebPam Pro-E Appliance HTTP Response Header Injection Vulnerability
Promise Technology WebPam Pro-E devices are a data center device from Promise Technology. A security vulnerability exists in the Promise Technology WebPam Pro-E devices due to a failure to filter parameters in the PHPSESSID cookie. The vulnerability can be exploited by remote attackers to conduct...