CVE-2004-1620

NONECVSS 0.0

0.0

CRLF injection vulnerability in Serendipity before 0.7rc1 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the url parameter in (1) index.php and (2) exit.php, or (3) the HTTP Referer field in comment.php.

🔗 References (26)

cve@mitrehttp://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/comment.php?rev=1.49&view=markup
cve@mitrehttp://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/exit.php?rev=1.10&view=markup
cve@mitrehttp://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/index.php?rev=1.52&view=markup
cve@mitrehttp://marc.info/?l=bugtraq&m=109841283115808&w=2
cve@mitrehttp://secunia.com/advisories/12909/
cve@mitrehttp://securitytracker.com/id?1011864
cve@mitrehttp://sourceforge.net/project/shownotes.php?release_id=276694
cve@mitrehttp://www.osvdb.org/11013
cve@mitrehttp://www.osvdb.org/11038
cve@mitrehttp://www.osvdb.org/11039
cve@mitrehttp://www.s9y.org/5.html
cve@mitrehttp://www.securityfocus.com/bid/11497
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/17798
af854a3a-2127-422b-91ae-364da2661108http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/comment.php?rev=1.49&view=markup
af854a3a-2127-422b-91ae-364da2661108http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/exit.php?rev=1.10&view=markup

Is Your Infrastructure Affected by CVE-2004-1620?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2004-1620

📅 Published

🔄 Last Modified

🔗 References (26)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2004-1620?