CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-0892

CRLF injection vulnerability in phpMyVisites before 2.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the url parameter, when the pagename parameter begins with "FILE:".

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 69.0%

CVSS Severity

CVSS v2 Score 7.5

References

Products affected by CVE-2007-0892

Matthieu Aubry » Phpmyvisites » Version: Any

cpe:2.3:a:matthieu_aubry:phpmyvisites:*
Matthieu Aubry » Phpmyvisites » Version: 0.1_beta

cpe:2.3:a:matthieu_aubry:phpmyvisites:0.1_beta
Matthieu Aubry » Phpmyvisites » Version: 1.0

cpe:2.3:a:matthieu_aubry:phpmyvisites:1.0
Matthieu Aubry » Phpmyvisites » Version: 1.1

cpe:2.3:a:matthieu_aubry:phpmyvisites:1.1
Matthieu Aubry » Phpmyvisites » Version: 1.2

cpe:2.3:a:matthieu_aubry:phpmyvisites:1.2
Matthieu Aubry » Phpmyvisites » Version: 1.2.1

cpe:2.3:a:matthieu_aubry:phpmyvisites:1.2.1
Matthieu Aubry » Phpmyvisites » Version: 1.2.2

cpe:2.3:a:matthieu_aubry:phpmyvisites:1.2.2
Matthieu Aubry » Phpmyvisites » Version: 1.2_beta

cpe:2.3:a:matthieu_aubry:phpmyvisites:1.2_beta
Matthieu Aubry » Phpmyvisites » Version: 1.3

cpe:2.3:a:matthieu_aubry:phpmyvisites:1.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-0892

Products

Pricing

Contact Us