Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
crlf vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2016-6484
CRLF injection vulnerability in Infoblox Network Automation NetMRI prior to 7.1.1 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the contentType parameter in a login action to config/userAdmin/login.tdf.
Infoblox Netmri
668
VMScore
CVE-2020-15690
In Nim prior to 1.2.6, the standard library asyncftpclient lacks a check for whether a message contains a newline character.
Nim-lang Nim
445
VMScore
CVE-2002-1783
CRLF injection vulnerability in PHP 4.2.1 up to and including 4.2.3, when allow_url_fopen is enabled, allows remote malicious users to modify HTTP headers for outgoing requests by causing CRLF sequences to be injected into arguments that are passed to the (1) fopen or (2) file fu...
Php Php 4.2.0
Php Php 4.1.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.2.2
Php Php 3.0.17
Php Php 4.0.7
Php Php 4.1.1
Php Php 3.0.15
Php Php 3.0.16
Php Php 4.2.3
Php Php 4.0.6
Php Php 4.1.2
Php Php 3.0.18
Php Php 4.2.1
Php Php 4.0.3
Php Php 3.0.14
668
VMScore
CVE-2002-0985
Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow malicious users to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands.
Php Php
Openpkg Openpkg 1.1
Openpkg Openpkg 1.2
445
VMScore
CVE-2002-0986
The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote malicious users to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."
Php Php 4.2.0
Php Php 4.1.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.2.2
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.0.2
Php Php 4.1.1
Php Php 4.0.1
Php Php 4.0
Php Php 4.0.6
Php Php 4.1.2
Php Php 3.0.18
Php Php 4.2.1
445
VMScore
CVE-2012-5572
CRLF injection vulnerability in the cookie method (lib/Dancer/Cookie.pm) in Dancer prior to 1.3114 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cookie name, a different vulnerability than CVE-2012-5526.
Dancer Dancer 1.150
Dancer Dancer 1.3079 5
Dancer Dancer 1.3079 3
Dancer Dancer 1.3071
Dancer Dancer
Dancer Dancer 1.3111
Dancer Dancer 1.3110
Dancer Dancer 1.3112
Dancer Dancer 1.3060
Dancer Dancer 1.3111 01
445
VMScore
CVE-2021-29084
Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in Security Advisor report management component in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows remote malicious users to read arbitrary ...
Synology Diskstation Manager
Synology Diskstation Manager Unified Controller
828
VMScore
CVE-2007-4396
Multiple CRLF injection vulnerabilities in (1) ixmmsa.pl 0.3, (2) l33tmusic.pl 2.00, (3) mpg123.pl 0.01, (4) ogg123.pl 0.01, (5) xmms.pl 2.0, (6) xmms2.pl 1.1.3, and (7) xmmsinfo.pl 1.1.1.1 scripts for irssi prior to 0.8.11 allow user-assisted remote malicious users to execute ar...
Irssi Irssi
NA
CVE-2024-32764
A missing authentication for critical function vulnerability has been reported to affect myQNAPcloud Link. If exploited, the vulnerability could allow users with the privilege level of some functionality via a network. We have already fixed the vulnerability in the following vers...
409
VMScore
CVE-2006-5969
CRLF injection vulnerability in the evalFolderLine function in fvwm 2.5.18 and previous versions allows local users to execute arbitrary commands via carriage returns in a directory name, which is not properly handled by fvwm-menu-directory, a variant of CVE-2003-1308.
Fvwm Fvwm
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »