CVE-2004-1516

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
31/12/2004
Last modified:
03/04/2025

Description

CRLF injection vulnerability in index.php in phpWebSite 0.9.3-4 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the block_username parameter in the user module.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:phpwebsite:phpwebsite:0.7.3:*:*:*:*:*:*:*
cpe:2.3:a:phpwebsite:phpwebsite:0.8.2:*:*:*:*:*:*:*
cpe:2.3:a:phpwebsite:phpwebsite:0.8.3:*:*:*:*:*:*:*
cpe:2.3:a:phpwebsite:phpwebsite:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:phpwebsite:phpwebsite:0.9.3.1:*:*:*:*:*:*:*
cpe:2.3:a:phpwebsite:phpwebsite:0.9.3.2:*:*:*:*:*:*:*
cpe:2.3:a:phpwebsite:phpwebsite:0.9.3.3:*:*:*:*:*:*:*
cpe:2.3:a:phpwebsite:phpwebsite:0.9.3.4:*:*:*:*:*:*:*