CVE-2006-4505

NX5Linx 1.0 - HTTP Response Splitting

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-4505. PoCs published by Aliaksandr Hartsuyeu.

AI-analyzed exploit summary The code describes an HTTP response-splitting vulnerability in NX5Linkx due to improper input sanitization. It provides an example URL demonstrating how an attacker could inject malicious HTTP headers.

Description

CRLF injection vulnerability in links.php in NX5Linx 1.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a CRLF sequence in the url parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Aliaksandr Hartsuyeu · textwebappsphp

https://www.exploit-db.com/exploits/28568

View Code ZIP pw:eip

The code describes an HTTP response-splitting vulnerability in NX5Linkx due to improper input sanitization. It provides an example URL demonstrating how an attacker could inject malicious HTTP headers.

Classification

Writeup 90%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: NX5Linkx

No auth needed

Prerequisites: Network access to the vulnerable application

MITRE ATT&CK