Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
crlf vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-3962
The management interface on the 2wire Gateway 1700HG, 1701HG, 1800HW, 2071, 2700HG, and 2701HG-T with software prior to 5.29.52 allows remote malicious users to cause a denial of service (reboot) via a %0d%0a sequence in the page parameter to the xslt program on TCP port 50001, a...
2wire 1700hg
2wire 2700hg
2wire 2071
2wire 1701hg
2wire 1800hw
2wire 2701hg-t
1 EDB exploit
NA
CVE-2002-0985
Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow malicious users to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands.
Php Php
Openpkg Openpkg 1.1
Openpkg Openpkg 1.2
NA
CVE-2002-0986
The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote malicious users to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."
Php Php 4.0.3
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.1.1
Php Php 4.1.2
Php Php 3.0.18
Php Php 4.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.2.2
Php Php 4.0.7
Php Php 4.1.0
NA
CVE-2002-1783
CRLF injection vulnerability in PHP 4.2.1 up to and including 4.2.3, when allow_url_fopen is enabled, allows remote malicious users to modify HTTP headers for outgoing requests by causing CRLF sequences to be injected into arguments that are passed to the (1) fopen or (2) file fu...
Php Php 3.0.14
Php Php 3.0.15
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.2.3
Php Php 3.0.18
Php Php 4.0.3
Php Php 4.1.2
Php Php 4.2.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.2.1
Php Php 4.2.2
Php Php 3.0.16
Php Php 3.0.17
Php Php 4.1.0
Php Php 4.1.1
7.5
CVSSv3
CVE-2021-29084
Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in Security Advisor report management component in Synology DiskStation Manager (DSM) prior to 6.2.3-25426-3 allows remote malicious users to read arbitrary ...
Synology Diskstation Manager
Synology Diskstation Manager Unified Controller
NA
CVE-2012-5572
CRLF injection vulnerability in the cookie method (lib/Dancer/Cookie.pm) in Dancer prior to 1.3114 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cookie name, a different vulnerability than CVE-2012-5526.
Dancer Dancer
Dancer Dancer 1.3111 01
Dancer Dancer 1.3071
Dancer Dancer 1.150
Dancer Dancer 1.3111
Dancer Dancer 1.3110
Dancer Dancer 1.3079 5
Dancer Dancer 1.3079 3
Dancer Dancer 1.3112
Dancer Dancer 1.3060
NA
CVE-2007-4396
Multiple CRLF injection vulnerabilities in (1) ixmmsa.pl 0.3, (2) l33tmusic.pl 2.00, (3) mpg123.pl 0.01, (4) ogg123.pl 0.01, (5) xmms.pl 2.0, (6) xmms2.pl 1.1.3, and (7) xmmsinfo.pl 1.1.1.1 scripts for irssi prior to 0.8.11 allow user-assisted remote malicious users to execute ar...
Irssi Irssi
6.1
CVSSv3
CVE-2019-7313
www/resource.py in Buildbot prior to 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain.
Buildbot Buildbot
NA
CVE-2006-5969
CRLF injection vulnerability in the evalFolderLine function in fvwm 2.5.18 and previous versions allows local users to execute arbitrary commands via carriage returns in a directory name, which is not properly handled by fvwm-menu-directory, a variant of CVE-2003-1308.
Fvwm Fvwm
NA
CVE-2019-13609
CVE-2019-13609 - CRLF Vulnerability in Citrix License Server for Windows and VPX
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »