801 matches found
CVE-2005-1894
Direct code injection vulnerability in FlatNuke 2.5.3 allows remote attackers to execute arbitrary PHP code by placing the code into the Referer header of an HTTP request, which causes the code to be injected into referer.php, which can then be accessed by the attacker...
CVE-2005-1894
Direct code injection vulnerability in FlatNuke 2.5.3 allows remote attackers to execute arbitrary PHP code by placing code into the Referer header, which is injected into referer.php. Affected software: FlatNuke 2.5.3. Root cause: unsafely handling the Referer header leads to code execution. Imp...
PT-2005-2851 · Flatnuke · Flatnuke
Name of the Vulnerable Software and Affected Versions: FlatNuke version 2.5.3 Description: A direct code injection issue allows remote attackers to execute arbitrary PHP code by placing the code into the referer header of an HTTP request. This causes the code to be injected into referer.php, whic...
CVE-2003-1186
Buffer overflow in TelCondex SimpleWebServer 2.12.30210 Build3285 allows remote attackers to execute arbitrary code via a long HTTP Referer header...
CVE-2003-1054
mod_access_referer 1.0.2 allows remote attackers to cause a denial of service (crash) via a malformed Referer header that is missing a hostname, as parsed by the ap_parse_uri_components function in Apache, which triggers a null dereference...
RHEL 2.1 : kdelibs (RHSA-2003:236)
This erratum provides updated KDE packages that resolve a security issue in Konqueror. KDE is a graphical desktop environment for the X Window System. Konqueror is the file manager for the K Desktop Environment. George Staikos reported that Konqueror may inadvertently send authentication...
CVE-2003-1561
Opera, probably before 7.50, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data...
Buffer overflow in SimpleWebServer
Buffer overflow on oversized URL and Referer header...
TelCondex SimpleWebserver 2.12.30210 build 3285 - HTTP Referer Remote Buffer Overflow
source: https://www.securityfocus.com/bid/8925/info A vulnerability has been reported in SimpleWebServer that may allow a remote attacker to cause a denial of service condition or execute arbitrary code on...
CVE-2003-0459
KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites...
Moderate: Red Hat Security Advisory: Updated KDE packages fix security issue
This erratum provides updated KDE packages that resolve a security issue in Konqueror. KDE is a graphical desktop environment for the X Window System. Konqueror is the file manager for the K Desktop Environment. George Staikos reported that Konqueror may inadvertently send authentication...
Moderate: Red Hat Security Advisory: kdelibs security update
This erratum provides updated KDE packages that resolve a security issue in Konqueror. KDE is a graphical desktop environment for the X Window System. Konqueror is the file manager for the K Desktop Environment. George Staikos reported that Konqueror may inadvertently send authentication...
KDE Security Advisory: Konqueror Referrer Authentication Leak
KDE Security Advisory: Konqueror Referer Leaking Website Authentication Credentials Original Release Date: 2003-07-29 URL: http://www.kde.org/info/security/advisory-20030729-1.txt 0. References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-04...
mod_access_referer -- null pointer dereference vulnerability
A malformed Referer header field causes the Apache ap_parse_uri_components function to discard it, with the result that a pointer is not initialized. The mod_access_referer module does not take this into account, with the result that it may use such a pointer. The null pointer vulnerability may possibly...
CVE-2002-2246
Cross-site scripting (XSS) vulnerability in VisNetic Website before 3.5.15 allows remote attackers to inject arbitrary web script or HTML via the HTTP referer header (HTTP_REFERER) to a non-existent page, which is injected into the resulting 404 error page...
VisNetic WebSite XSS vulnerability through HTTP referer header
VisNetic WebSite XSS vulnerability through HTTP Referer header = Author: Ory Segal - Sanctum inc. http://www.sanctuminc.com/ = Release date: 09/12/2002 = Vendor: Deerfield http://www.deerfield.com The...