CVE-2015-5285

Kallithea <0.3 - HTTP Response Splitting

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-5285. PoCs published by LiquidWorm.

AI-analyzed exploit summary: This exploit demonstrates an HTTP response splitting vulnerability in Kallithea 0.2.9 via the 'came_from' parameter. The PoC shows how an attacker can inject malicious headers and control the HTTP response by manipulating the parameter with CRLF sequences.

Description

CRLF injection vulnerability in Kallithea before 0.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the came_from parameter to _admin/login.

Exploits (1)

exploitdb WORKING POC
by LiquidWorm · text · webapps · multiple
https://www.exploit-db.com/exploits/38424

Classification: Working PoC 90%
Attack Type: Other
Complexity: Trivial
Reliability: Reliable
Target: Kallithea 0.2.9 and 0.2.2
No auth needed
Prerequisites: Access to the target application's login page
devstral-2 · analyzed Feb 16, 2026

Scores

EPSS 0.0531
EPSS Percentile 90.3%

Details

Status: published
Products (2):
kallithea-scm/kallithea < 0.2
pypi/kallithea 0 - 0.3 (PyPI)
Published: Oct 29, 2015
Tracked Since: Feb 18, 2026