CVE-2007-2550

Multiple CRLF injection vulnerabilities in Devellion CubeCart 3.0.15 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a cookie name beginning with "ccSID" to (1) cart.php or (2) index.php.
Configurations

Configuration 1

cpe:2.3:a:devellion:cubecart:3.0.15:*:*:*:*:*:*:*

Information

Published : 2007-05-09 10:19

Updated : 2018-10-16 04:44


NVD link : CVE-2007-2550

Mitre link : CVE-2007-2550

Products Affected
No products.