Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2006-6374

Опубликовано: 07 дек. 2006
Источник: debian
EPSS Низкий

Описание

Multiple CRLF injection vulnerabilities in PhpMyAdmin 2.7.0-pl2 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a phpMyAdmin cookie in (1) css/phpmyadmin.css.php, (2) db_create.php, (3) index.php, (4) left.php, (5) libraries/session.inc.php, (6) libraries/transformations/overview.php, (7) querywindow.php, (8) server_engines.php, and possibly other files.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
phpmyadminnot-affectedpackage
phpmyadminnot-affectedsargepackage
phpmyadminnot-affectedetchpackage

Примечания

  • not exploitable with PHP 5.1.2+ and 4.4.2+

  • https://www.phpmyadmin.net/security/PMASA-2007-1/

  • https://github.com/phpmyadmin/phpmyadmin/commit/c9d93f63940fe960d3b6341d8bfb7b707c87e744

EPSS

Процентиль: 67%
0.00567
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2006-6374

ubuntu
больше 18 лет назад

Multiple CRLF injection vulnerabilities in PhpMyAdmin 2.7.0-pl2 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a phpMyAdmin cookie in (1) css/phpmyadmin.css.php, (2) db_create.php, (3) index.php, (4) left.php, (5) libraries/session.inc.php, (6) libraries/transformations/overview.php, (7) querywindow.php, (8) server_engines.php, and possibly other files.

nvd логотип

CVE-2006-6374

nvd
больше 18 лет назад

Multiple CRLF injection vulnerabilities in PhpMyAdmin 2.7.0-pl2 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a phpMyAdmin cookie in (1) css/phpmyadmin.css.php, (2) db_create.php, (3) index.php, (4) left.php, (5) libraries/session.inc.php, (6) libraries/transformations/overview.php, (7) querywindow.php, (8) server_engines.php, and possibly other files.

github логотип

GHSA-7f3j-w8q6-49h4

github
около 3 лет назад

Multiple CRLF injection vulnerabilities in PhpMyAdmin 2.7.0-pl2 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a phpMyAdmin cookie in (1) css/phpmyadmin.css.php, (2) db_create.php, (3) index.php, (4) left.php, (5) libraries/session.inc.php, (6) libraries/transformations/overview.php, (7) querywindow.php, (8) server_engines.php, and possibly other files.

EPSS

Процентиль: 67%
0.00567
Низкий