CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CRLF injection vulnerability in viewcvs in ViewCVS 0.9.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the content-type parameter...

7.2AI score

Exploits0References3

Tenable Nessus•added 2004/12/28 12:0 a.m.•9 views

ViewCVS < 1.0.0 HTTP Response Splitting

Binary data 2478.prm...

7.6CVSS7.3AI score0.00797EPSS

Exploits2References5

Debian•added 2004/12/06 10:18 a.m.•24 views

[SECURITY] [DSA 605-1] New viewcvs packages fix information leak

-------------------------------------------------------------------------- Debian Security Advisory DSA 605-1 [email protected] http://www.debian.org/security/ Martin Schulze December 6th, 2004 http://www.debian.org/security/faq -...

5CVSS1.3AI score0.00346EPSS

Exploits0

NVD•added 2002/08/12 4:0 a.m.•5 views

CVE-2002-0771

Cross-site scripting vulnerability in viewcvs.cgi for ViewCVS 0.9.2 allows remote attackers to inject script and steal cookies via the 1 cvsroot or 2 sortby parameters...

6.4CVSS6.3AI score0.08223EPSS

Exploits1References3

Cvelist•added 2002/07/26 4:0 a.m.•10 views

CVE-2002-0771

Cross-site scripting vulnerability in viewcvs.cgi for ViewCVS 0.9.2 allows remote attackers to inject script and steal cookies via the 1 cvsroot or 2 sortby parameters...

6.3AI score0.08223EPSS

Exploits1References3

exploitpack•added 2002/05/24 12:0 a.m.•7 views

ViewCVS 0.9.2 - Cross-Site Scripting

ViewCVS 0.9.2 - Cross-Site Scripting source: https://www.securityfocus.com/bid/4818/info ViewCVS does not filter HTML tags from certain URL parameters, making it prone to cross-site scripting attacks. An attacker may exploit this by constructing a malicious link with script code to a site running...

0.3AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by