CVE-2007-4385
published 2007-08-17CVE-2007-4385: OWASP Stinger before 2.5 allows remote attackers to bypass input validation routines by using multipart encoded requests instead of form-urlencoded requests…
PriorityP335medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
3.08%
86.0th percentile
OWASP Stinger before 2.5 allows remote attackers to bypass input validation routines by using multipart encoded requests instead of form-urlencoded requests. NOTE: this might be used to expose vulnerabilities in applications that would otherwise be protected by the validation routines.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| owasp | stinger | <= 2.4 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://o0o.nu/~meder/o0o_bypassing_servlet_input_validation_filters.txthttp://osvdb.org/39544http://secunia.com/advisories/26441http://securityreason.com/securityalert/3035http://www.securityfocus.com/archive/1/476288/100/0/threadedhttp://www.securityfocus.com/bid/25294http://www.securitytracker.com/id?1018555https://exchange.xforce.ibmcloud.com/vulnerabilities/35981http://o0o.nu/~meder/o0o_bypassing_servlet_input_validation_filters.txthttp://osvdb.org/39544http://secunia.com/advisories/26441http://securityreason.com/securityalert/3035http://www.securityfocus.com/archive/1/476288/100/0/threadedhttp://www.securityfocus.com/bid/25294http://www.securitytracker.com/id?1018555https://exchange.xforce.ibmcloud.com/vulnerabilities/35981
2007-08-17
Published