6 matches found
EUVD-2018-18350
Malware in sbrugna...
Promise Technology WebPam Pro-E Appliance HTTP Response Header Injection Vulnerability
Promise Technology WebPam Pro-E devices are a data center device from Promise Technology. A security vulnerability exists in the Promise Technology WebPam Pro-E devices due to a failure to filter parameters in the PHPSESSID cookie. The vulnerability can be exploited by remote attackers to conduct...
CVE-2018-6603
Promise Technology WebPam Pro-E devices allow remote attackers to conduct XSS, HTTP Response Splitting, and CRLF Injection attacks via JavaScript code in a PHPSESSID cookie...
Crlf injection
Promise Technology WebPam Pro-E devices allow remote attackers to conduct XSS, HTTP Response Splitting, and CRLF Injection attacks via JavaScript code in a PHPSESSID cookie...
CVE-2018-6603
Promise Technology WebPam Pro-E devices allow remote attackers to conduct XSS, HTTP Response Splitting, and CRLF Injection attacks via JavaScript code in a PHPSESSID cookie...
CVE-2018-6603
The CVE-2018-6603 issue affects Promise Technology WebPam Pro-E devices, where remote attackers can exploit a failure to filter parameters in the PHPSESSID cookie to trigger XSS, HTTP Response Splitting, and CRLF Injection via JavaScript in the cookie. Public references in CNVD/NVD entries corrob...