CRLF injection vulnerability in index.php in phpWebSite 0.9.3-4 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the block_username parameter in the user module.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Phpwebsite | Phpwebsite | 0.7.3 (including) | 0.7.3 (including) |
Phpwebsite | Phpwebsite | 0.8.2 (including) | 0.8.2 (including) |
Phpwebsite | Phpwebsite | 0.8.3 (including) | 0.8.3 (including) |
Phpwebsite | Phpwebsite | 0.9.3 (including) | 0.9.3 (including) |
Phpwebsite | Phpwebsite | 0.9.3.1 (including) | 0.9.3.1 (including) |
Phpwebsite | Phpwebsite | 0.9.3.2 (including) | 0.9.3.2 (including) |
Phpwebsite | Phpwebsite | 0.9.3.3 (including) | 0.9.3.3 (including) |
Phpwebsite | Phpwebsite | 0.9.3.4 (including) | 0.9.3.4 (including) |