Back to search
CVE-2005-1951
Published: Jun 14, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple HTTP Response Splitting vulnerabilities in osCommerce 2.2 Milestone 2 and earlier allow remote attackers to spoof web content and poison web caches via hex-encoded CRLF ("%0d%0a") sequences in the (1) products_id or (2) pid parameter to index.php or (3) goto parameter to banner.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20050610 osCommere HTTP Response Splitting
mailing-list
x_refsource_BUGTRAQ
15670
third-party-advisory
x_refsource_SECUNIA
20050616 RE: osCommere HTTP Response Splitting (Solution)
mailing-list
x_refsource_BUGTRAQ
http://www.gulftech.org/?node=research&article_id=00080-06102005
x_refsource_MISC
13979
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now