Описание
CRLF injection vulnerability in index.php in ExpressionEngine 1.2.1 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the URL parameter.
CRLF injection vulnerability in index.php in ExpressionEngine 1.2.1 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the URL parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-0202
- http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059439.html
- http://securityreason.com/securityalert/3539
- http://securityvulns.ru/Sdocument472.html
- http://websecurity.com.ua/1454
- http://www.securityfocus.com/archive/1/485786/100/0/threaded
- http://www.securityfocus.com/bid/27128
Связанные уязвимости
nvd
около 18 лет назад
CRLF injection vulnerability in index.php in ExpressionEngine 1.2.1 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the URL parameter.