W-Agora 4.1.6a - 'subscribe_thread.php' HTTP Response Splitting

EDB-ID:

24651

CVE:

2004-1564

EDB Verified:

Author:

Alexander Antipov

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2004-09-30

Vulnerable App:

source: https://www.securityfocus.com/bid/11283/info
  
Multiple vulnerabilities are reported to affect the application. These issues arise due to insufficient sanitization of user-supplied data. A remote attacker may leverage these vulnerabilities to carry out SQL injection, cross-site scripting, and HTTP response splitting attacks.
  
These issues were identified in W-Agora 4.1.6a, however, it is possible that other versions are also affected.

/subscribe_thread.php?site=support&bn=support_in

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services