ID CVE-2018-6889
Summary An issue was discovered in Typesetter 5.1. It suffers from a Host header injection vulnerability, Using this attack, a malicious user can poison the web cache or perform advanced password reset attacks or even trigger arbitrary user re-direction.
References
Vulnerable Configurations
CVSS
Base: None
Impact:
Exploitability:
exploit-db via4
description TypeSetter CMS 5.1 - 'Host' Header Injection. CVE-2018-6889. Webapps exploit for PHP platform
id EDB-ID:44028
last seen 2018-02-13
modified 2018-02-13
published 2018-02-13
reporter Exploit-DB
source https://www.exploit-db.com/download/44028/
title TypeSetter CMS 5.1 - 'Host' Header Injection
packetstorm via4
data source https://packetstormsecurity.com/files/download/146369/typesettercms51-inject.txt
id PACKETSTORM:146369
last seen 2018-02-16
published 2018-02-13
reporter Navina Asrani
source https://packetstormsecurity.com/files/146369/TypeSetter-CMS-5.1-Host-Header-Injection.html
title TypeSetter CMS 5.1 Host Header Injection
refmap via4
misc https://securitywarrior9.blogspot.in/2018/02/host-header-injection-type-setter-cms-51.html
Last major update 11-02-2018 - 22:29
Published 11-02-2018 - 22:29
Last modified 19-02-2018 - 21:29
Back to Top