Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2016-3166

CRLF injection vulnerability in the drupal_set_header function in Drupal 6.x before 6.38, when used with PHP before 5.1.2, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by leveraging a module that allows user-submitted data to appear in HTTP headers.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.8%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.3
Products affected by CVE-2016-3166
  • Drupal » Drupal » Version: 6.0
    cpe:2.3:a:drupal:drupal:6.0
  • Drupal » Drupal » Version: 6.1
    cpe:2.3:a:drupal:drupal:6.1
  • Drupal » Drupal » Version: 6.10
    cpe:2.3:a:drupal:drupal:6.10
  • Drupal » Drupal » Version: 6.11
    cpe:2.3:a:drupal:drupal:6.11
  • Drupal » Drupal » Version: 6.12
    cpe:2.3:a:drupal:drupal:6.12
  • Drupal » Drupal » Version: 6.13
    cpe:2.3:a:drupal:drupal:6.13
  • Drupal » Drupal » Version: 6.14
    cpe:2.3:a:drupal:drupal:6.14
  • Drupal » Drupal » Version: 6.15
    cpe:2.3:a:drupal:drupal:6.15
  • Drupal » Drupal » Version: 6.16
    cpe:2.3:a:drupal:drupal:6.16
  • Drupal » Drupal » Version: 6.17
    cpe:2.3:a:drupal:drupal:6.17
  • Drupal » Drupal » Version: 6.18
    cpe:2.3:a:drupal:drupal:6.18
  • Drupal » Drupal » Version: 6.19
    cpe:2.3:a:drupal:drupal:6.19
  • Drupal » Drupal » Version: 6.2
    cpe:2.3:a:drupal:drupal:6.2
  • Drupal » Drupal » Version: 6.20
    cpe:2.3:a:drupal:drupal:6.20
  • Drupal » Drupal » Version: 6.21
    cpe:2.3:a:drupal:drupal:6.21
  • Drupal » Drupal » Version: 6.22
    cpe:2.3:a:drupal:drupal:6.22
  • Drupal » Drupal » Version: 6.23
    cpe:2.3:a:drupal:drupal:6.23
  • Drupal » Drupal » Version: 6.24
    cpe:2.3:a:drupal:drupal:6.24
  • Drupal » Drupal » Version: 6.25
    cpe:2.3:a:drupal:drupal:6.25
  • Drupal » Drupal » Version: 6.26
    cpe:2.3:a:drupal:drupal:6.26
  • Drupal » Drupal » Version: 6.27
    cpe:2.3:a:drupal:drupal:6.27
  • Drupal » Drupal » Version: 6.28
    cpe:2.3:a:drupal:drupal:6.28
  • Drupal » Drupal » Version: 6.29
    cpe:2.3:a:drupal:drupal:6.29
  • Drupal » Drupal » Version: 6.3
    cpe:2.3:a:drupal:drupal:6.3
  • Drupal » Drupal » Version: 6.30
    cpe:2.3:a:drupal:drupal:6.30
  • Drupal » Drupal » Version: 6.31
    cpe:2.3:a:drupal:drupal:6.31
  • Drupal » Drupal » Version: 6.32
    cpe:2.3:a:drupal:drupal:6.32
  • Drupal » Drupal » Version: 6.33
    cpe:2.3:a:drupal:drupal:6.33
  • Drupal » Drupal » Version: 6.34
    cpe:2.3:a:drupal:drupal:6.34
  • Drupal » Drupal » Version: 6.35
    cpe:2.3:a:drupal:drupal:6.35
  • Drupal » Drupal » Version: 6.36
    cpe:2.3:a:drupal:drupal:6.36
  • Drupal » Drupal » Version: 6.37
    cpe:2.3:a:drupal:drupal:6.37
  • Drupal » Drupal » Version: 6.4
    cpe:2.3:a:drupal:drupal:6.4
  • Drupal » Drupal » Version: 6.5
    cpe:2.3:a:drupal:drupal:6.5
  • Drupal » Drupal » Version: 6.6
    cpe:2.3:a:drupal:drupal:6.6
  • Drupal » Drupal » Version: 6.7
    cpe:2.3:a:drupal:drupal:6.7
  • Drupal » Drupal » Version: 6.8
    cpe:2.3:a:drupal:drupal:6.8
  • Drupal » Drupal » Version: 6.9
    cpe:2.3:a:drupal:drupal:6.9
  • Debian » Debian Linux » Version: 7.0
    cpe:2.3:o:debian:debian_linux:7.0
  • Debian » Debian Linux » Version: 8.0
    cpe:2.3:o:debian:debian_linux:8.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved