CVE-2006-5566
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
27/10/2006
Last modified:
17/10/2018
Description
CRLF injection vulnerability in premium/index.php in Shop-Script allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the (1) links_exchange, (2) news, (3) search_with_change_category_ability, (4) logging, (5) feedback, (6) show_price, (7) register, (8) answer, (9) productID, and (10) inside parameters.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:webasyst_llc:shop-script:*:*:free:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page