Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
crlf vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2007-5613
Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay Jetty prior to 6.1.6rc1 allows remote malicious users to inject arbitrary web script or HTML via unspecified parameters and cookies.
Mortbay Jetty Jetty 4.0
Mortbay Jetty Jetty 4.1
Mortbay Jetty Jetty 3.0
Mortbay Jetty Jetty 3.1
Mortbay Jetty Jetty 1.0
Mortbay Jetty Jetty 4.2
Mortbay Jetty Jetty 5
Mortbay Jetty Jetty 2.4
Mortbay Jetty Jetty 6
Mortbay Jetty Jetty 5.1
Mortbay Jetty Jetty 6.1
445
VMScore
CVE-2006-2159
CRLF injection vulnerability in help.php in Russcom Network Loginphp allows remote malicious users to spoof e-mails and inject MIME headers via CRLF sequences in the email address.
Russcom Network Loginphp
668
VMScore
CVE-2007-3686
CRLF injection vulnerability in db.php in Unobtrusive Ajax Star Rating Bar prior to 1.2.0 allows remote malicious users to inject arbitrary HTTP headers and data via CRLF sequences in the HTTP_REFERER parameter.
Masuga Design Unobtrusive Ajax Star Rating Bar
676
VMScore
CVE-2005-4830
CRLF injection vulnerability in viewcvs in ViewCVS 0.9.2 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the content-type parameter.
Viewcvs Viewcvs 0.9.2
570
VMScore
CVE-2007-1713
CRLF injection vulnerability in BSMTP.DLL in B21Soft BASP21 2003.0211, and BASP21 Pro 1.0.702.27 and previous versions, allows remote malicious users to inject arbitrary headers into e-mail messages via CRLF sequences in Subject lines.
B21soft Basp21
B21soft Basp21 2003.0211
445
VMScore
CVE-2004-1507
CRLF injection vulnerability in login.php in WebCalendar allows remote malicious users to inject CRLF sequences via the return_path parameter and perform HTTP Response Splitting attacks to modify expected HTML content from the server.
Webcalendar Webcalendar 0.9.16
Webcalendar Webcalendar 0.9.28
Webcalendar Webcalendar 0.9.39
Webcalendar Webcalendar 0.9.15
Webcalendar Webcalendar 0.9.38
Webcalendar Webcalendar 0.9.34
Webcalendar Webcalendar 0.9.44
Webcalendar Webcalendar 0.9.24
Webcalendar Webcalendar 0.9.20
Webcalendar Webcalendar 0.9.25
Webcalendar Webcalendar 0.9.11
Webcalendar Webcalendar 0.9.21
Webcalendar Webcalendar 0.9.37
Webcalendar Webcalendar 0.9.23
Webcalendar Webcalendar 0.9.29
Webcalendar Webcalendar 0.9.42
Webcalendar Webcalendar 0.9.22
Webcalendar Webcalendar 0.9.31
Webcalendar Webcalendar 0.9.26
Webcalendar Webcalendar 0.9.43
Webcalendar Webcalendar 0.9.8
Webcalendar Webcalendar 0.9.19
510
VMScore
CVE-2009-1523
Directory traversal vulnerability in the HTTP server in Mort Bay Jetty 5.1.14, 6.x prior to 6.1.17, and 7.x up to and including 7.0.0.M2 allows remote malicious users to access arbitrary files via directory traversal sequences in the URI.
Mortbay Jetty 1.0.1
Mortbay Jetty 6.1.5
Mortbay Jetty 6.1.0
Mortbay Jetty 6.1.12
Mortbay Jetty 4.2.25
Mortbay Jetty 5.1.3
Mortbay Jetty 6.0.0
Mortbay Jetty 1.3.1
Mortbay Jetty 3.0.a3
Mortbay Jetty 1.3.4
Mortbay Jetty 4.2.22
Mortbay Jetty 3.1.8
Mortbay Jetty 3.0.a0
Mortbay Jetty 6.1.15
Mortbay Jetty 4.2.1
Mortbay Jetty 2.0.4
Mortbay Jetty
Mortbay Jetty 2.2
Mortbay Jetty 2.2.8
Mortbay Jetty 7.0.0
Mortbay Jetty 5.1.2
Mortbay Jetty 5.1.5
2 EDB exploits
790
VMScore
CVE-2012-5195
Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x prior to 5.12.5, 5.14.x prior to 5.14.3, and 5.15.x prior to 15.15.5 allows context-dependent malicious users to cause a denial of service (memory consumption and crash) or possibly execute arbitra...
Perl Perl 5.14.1
Perl Perl 5.12.0
Perl Perl 5.12.4
Perl Perl 5.12.1
Perl Perl 5.14.0
Perl Perl 5.12.3
Perl Perl 5.12.2
Perl Perl 5.14.2
383
VMScore
CVE-2015-2054
CRLF injection vulnerability in export.cfg in the web-based administrative console for Sierra Wireless AirCard 760S, 762S, and 763S allows remote malicious users to inject arbitrary headers via CRLF sequences in the save parameter.
Sierra Wireless Sierra Wireless Aircard 763s
Sierra Wireless Sierra Wireless Aircard 760s
Sierra Wireless Sierra Wireless Aircard 762s
383
VMScore
CVE-2003-1338
CRLF injection vulnerability in Aprelium Abyss Web Server 1.1.2 and previous versions allows remote malicious users to inject arbitrary HTTP headers and possibly conduct HTTP Response Splitting attacks via CRLF sequences in the Location header.
Aprelium Technologies Abyss Web Server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »