CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-1470

CRLF injection vulnerability in SnipSnap 0.5.2a, and other versions before 1.0b1, allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.077

EPSS Ranking 92.0%

CVSS Severity

CVSS v2 Score 5.0

References

http://marc.info/?l=bugtraq&m=109518773223511&w=2
http://www.gentoo.org/security/en/glsa/glsa-200409-23.xml
http://www.securityfocus.com/bid/11180
http://www.snipsnap.org/space/start
https://exchange.xforce.ibmcloud.com/vulnerabilities/17364
http://marc.info/?l=bugtraq&m=109518773223511&w=2
http://www.gentoo.org/security/en/glsa/glsa-200409-23.xml
http://www.securityfocus.com/bid/11180
http://www.snipsnap.org/space/start
https://exchange.xforce.ibmcloud.com/vulnerabilities/17364

Products affected by CVE-2004-1470

Snipsnap » Snipsnap » Version: 0.5.2a

cpe:2.3:a:snipsnap:snipsnap:0.5.2a

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-1470

Products

Pricing

Contact Us