4034 matches found
W-Agora 4.1.6a - subscribe_thread.php HTTP Response Splitting
W-Agora 4.1.6a - subscribethread.php HTTP Response Splitting source: https://www.securityfocus.com/bid/11283/info Multiple vulnerabilities are reported to affect the application. These issues arise due to insufficient sanitization of user-supplied data. A remote attacker may leverage these...
W-Agora 4.1.6 - a forgot_password.php?userid Cross-Site Scripting
W-Agora 4.1.6 - a forgotpassword.php?userid Cross-Site Scripting source: https://www.securityfocus.com/bid/11283/info Multiple vulnerabilities are reported to affect the application. These issues arise due to insufficient sanitization of user-supplied data. A remote attacker may leverage these...
W-Agora 4.1.6 - a download_thread.php?thread Cross-Site Scripting
W-Agora 4.1.6 - a downloadthread.php?thread Cross-Site Scripting source: https://www.securityfocus.com/bid/11283/info Multiple vulnerabilities are reported to affect the application. These issues arise due to insufficient sanitization of user-supplied data. A remote attacker may leverage these...
PD9 Software MegaBBS 2.02.1 - ladder-log.asp Multiple SQL Injections
PD9 Software MegaBBS 2.02.1 - ladder-log.asp Multiple SQL Injections source: https://www.securityfocus.com/bid/11253/info MegaBBS is reported prone to multiple vulnerabilities. These issues exist due to insufficient sanitization of user-supplied data and may allow an attacker to carry out HTTP...
PD9 Software MegaBBS 2.02.1 - view-profile.asp Multiple SQL Injections
PD9 Software MegaBBS 2.02.1 - view-profile.asp Multiple SQL Injections source: https://www.securityfocus.com/bid/11253/info MegaBBS is reported prone to multiple vulnerabilities. These issues exist due to insufficient sanitization of user-supplied data and may allow an attacker to carry out HTTP...
PD9 Software MegaBBS 2.02.1 - thread-post.asp Multiple Header CRLF Injections
PD9 Software MegaBBS 2.02.1 - thread-post.asp Multiple Header CRLF Injections source: https://www.securityfocus.com/bid/11253/info MegaBBS is reported prone to multiple vulnerabilities. These issues exist due to insufficient sanitization of user-supplied data and may allow an attacker to carry ou...
[Full-Disclosure] HTTP Response Splitting and SQL injection in megabbs forum
URL: http://www.pd9soft.com Tested megabbs 2.1 1. HTTP Response Splitting http://www.pd9soft.com/megabbs/forums/thread-post.asp?action=writenew&fid=0 d0aContent-Length:2000d0a0d0aHTTP/1.02020020OK0d0aContent-Type:20 text/html0d0aContent-Length:20330d0a0d0a3chtml3eScanned20by20Maxp...
PD9 Software MegaBBS 2.0/2.1 - 'ladder-log.asp' Multiple SQL Injections
source: https://www.securityfocus.com/bid/11253/info MegaBBS is reported prone to multiple vulnerabilities. These issues exist due to insufficient sanitization of user-supplied data and may allow an attacker to carry out HTTP response splitting and SQL injection attacks. MegaBBS versions 2.0 and...
PD9 Software MegaBBS 2.0/2.1 - 'view-profile.asp' Multiple SQL Injections
source: https://www.securityfocus.com/bid/11253/info MegaBBS is reported prone to multiple vulnerabilities. These issues exist due to insufficient sanitization of user-supplied data and may allow an attacker to carry out HTTP response splitting and SQL injection attacks. MegaBBS versions 2.0 and...
YaBB 1 Gold < 1.3.2 Multiple Input Validation Vulnerabilities
The remote host is using the YaBB 1 Gold web forum software. According to its version number, the remote version of this software is vulnerable to various input validation issues which may allow an attacker to perform cross-site scripting or HTTP splitting attacks against the remote host...
Snitz Forum < 3.4.05 HTTP Response Splitting
Binary data 2302.prm...
ADVISORY: security hole (http response splitting) in snitz forums 2000
ADVISORY Author: Maestro me! Date: 16-SEP-04 Vendor: Snitz Communications www.snitz.com Product: Snitz Forums 2000 v3.4.04 Product description: from vendor website "the leading ASP forum/bbs on the internet today" Problem: Http response splitting web cache poisoning, xss, yadayadayada -...
SnipSnap: HTTP response splitting
Background SnipSnap is a user friendly content management system with features such as wiki and weblog. Description SnipSnap contains various HTTP response splitting vulnerabilities that could potentially compromise the sites data. Some of these attacks include web cache poisoning, cross-user...
GLSA-200409-23 : SnipSnap: HTTP response splitting
The remote host is affected by the vulnerability described in GLSA-200409-23 SnipSnap: HTTP response splitting SnipSnap contains various HTTP response splitting vulnerabilities that could potentially compromise the sites data. Some of these attacks include web cache poisoning, cross-user...
Snitz Forums 2000 - down.asp HTTP Response Splitting
Snitz Forums 2000 - down.asp HTTP Response Splitting source: https://www.securityfocus.com/bid/11201/info Snitz Forums is reported prone to a HTTP response splitting vulnerability. The issue exists in a parameter of the 'down.asp' script. The issue presents itself due to a flaw in the affected...
Snitz Forums 2000 - 'down.asp' HTTP Response Splitting
source: https://www.securityfocus.com/bid/11201/info Snitz Forums is reported prone to a HTTP response splitting vulnerability. The issue exists in a parameter of the 'down.asp' script. The issue presents itself due to a flaw in the affected script that allows an attacker to manipulate how GET...
SnipSnap < 1.0b1 POST Request HTTP Response Splitting
Binary data 2289.prm...
ADVISORY: http response splitting in snipsnap
ADVISORY Author: Maestro me! Date: 14-SEP-04 Vendor: SnipSnap www.snipsnap.org Product: SnipSnap 0.5.2a Product description from vendor website: SnipSnap is a free and easy to install weblog and wiki tool written in Java. Problem: Http response splitting web cache poisoning, xss, yadayadayada -...
SnipSnap 0.5.2 - HTTP Response Splitting
SnipSnap 0.5.2 - HTTP Response Splitting source: https://www.securityfocus.com/bid/11180/info SnipSnap is reported prone to an HTTP response splitting vulnerability. The issue exists in the 'referer' parameter. The issue presents itself due to a flaw in the application that allows an attacker to...
SnipSnap 0.5.2 - HTTP Response Splitting
source: https://www.securityfocus.com/bid/11180/info SnipSnap is reported prone to an HTTP response splitting vulnerability. The issue exists in the 'referer' parameter. The issue presents itself due to a flaw in the application that allows an attacker to manipulate how POST requests are handled...