Lucene search
HistoryFeb 19, 2005 - 5:00 a.m.
CVE-2004-1516
crlf injection
phpwebsite
http response splitting
vulnerability
index.php
cve-2004-1516
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.7 Medium
AI Score
Confidence
Low
0.007 Low
EPSS
Percentile
80.9%
CRLF injection vulnerability in index.php in phpWebSite 0.9.3-4 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the block_username parameter in the user module.
Affected configurations
Node
phpwebsitephpwebsiteMatch0.7.3
ORphpwebsitephpwebsiteMatch0.8.2
ORphpwebsitephpwebsiteMatch0.8.3
ORphpwebsitephpwebsiteMatch0.9.3
ORphpwebsitephpwebsiteMatch0.9.3.1
ORphpwebsitephpwebsiteMatch0.9.3.2
ORphpwebsitephpwebsiteMatch0.9.3.3
ORphpwebsitephpwebsiteMatch0.9.3.4
Related
openvas
openvas
Gentoo Security Advisory GLSA 200411-35 (phpwebsite)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200411-35 (phpwebsite)
2008-09-24 00:00:00
cvelist
cvelist
CVE-2004-1516
2005-02-19 05:00:00
nvd
nvd
CVE-2004-1516
2004-12-31 05:00:00
gentoo
gentoo
phpWebSite: HTTP response splitting vulnerability
2004-11-26 00:00:00
nessus
nessus
GLSA-200411-35 : phpWebSite: HTTP response splitting vulnerability
2004-11-27 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.7 Medium
AI Score
Confidence
Low
0.007 Low
EPSS
Percentile
80.9%
Related for CVE-2004-1516