3 matches found
CVE-2016-4793
The CVE-2016-4793 issue affects CakePHP up to version 3.2.4, where the clientIp function can be coerced to accept spoofed IPs via the CLIENT-IP HTTP header. This enables remote IP spoofing and may bypass IP-based access controls and enable injection-like issues as described in linked advisories. ...
CVE-2006-2702
vars.php in WordPress 2.0.2, possibly when running on Mac OS X, allows remote attackers to spoof their IP address via a PCREMOTEADDR HTTP header, which vars.php uses to redefine $SERVER'REMOTEADDR'...
DEBIAN-CVE-2006-2702
vars.php in WordPress 2.0.2, possibly when running on Mac OS X, allows remote attackers to spoof their IP address via a PCREMOTEADDR HTTP header, which vars.php uses to redefine $SERVER'REMOTEADDR'...