mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-27 13:20:31 +01:00
828 B
828 B
CVE-2015-5285
Description
CRLF injection vulnerability in Kallithea before 0.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the came_from parameter to _admin/login.
POC
Reference
- http://packetstormsecurity.com/files/133897/Kallithea-0.2.9-HTTP-Response-Splitting.html
- http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5267.php
- https://www.exploit-db.com/exploits/38424/
Github
No PoCs found on GitHub currently.