Vulnerabilities > CVE-2006-4505 - Unspecified vulnerability in NX5 Nx5Linx 1.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
nx5
exploit available
NVD
Published: 2006-08-31
Updated: 2018-10-17

Summary

CRLF injection vulnerability in links.php in NX5Linx 1.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a CRLF sequence in the url parameter.

Vulnerable Configurations

Part Description Count
Application
Nx5
1

Exploit-Db

descriptionNX5Linkx 1.0 Links.PHP HTTP Response Splitting Vulnerability. CVE-2006-4505. Webapps exploit for php platform
idEDB-ID:28568
last seen2016-02-03
modified2006-09-13
published2006-09-13
reporterAliaksandr Hartsuyeu
sourcehttps://www.exploit-db.com/download/28568/
titleNX5Linkx 1.0 Links.PHP HTTP Response Splitting Vulnerability

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/49997/EV0138.txt
idPACKETSTORM:49997
last seen2016-12-05
published2006-09-14
reporterAliaksandr Hartsuyeu
sourcehttps://packetstormsecurity.com/files/49997/EV0138.txt.html
titleEV0138.txt

References