Skip to content
Medium Published: Aug 08, 2007 Modified: Apr 09, 2025

CVE-2007-4190

4.3 CVSS Score Medium
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Export CVE-2007-4190 Data:
Share:
Link copied!

Description

CRLF injection vulnerability in Joomla! before 1.0.13 (aka Sunglow) allows remote attackers to inject arbitrary HTTP headers and probably conduct HTTP response splitting attacks via CRLF sequences in the url parameter. NOTE: this can be leveraged for cross-site scripting (XSS) attacks. NOTE: some of these details are obtained from third party information.

CVSS Vector Details

Attack Vector Network
Attack Complexity M
Confidentiality None
Integrity P
Availability None

Affected Software Configurations

  • a joomla joomla\! * * * * * * * *

Weaknesses (CWE)

  • CWE-74

References & External Links

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

Related Vulnerabilities

CVE-2004-2570 CVSS 0 Same weakness: CWE-74 CVE-2004-1157 CVSS 0 Same weakness: CWE-74 CVE-2005-3007 CVSS 0 Same weakness: CWE-74 CVE-2005-3750 CVSS 0 Same weakness: CWE-74 CVE-2008-0456 CVSS 0 Same weakness: CWE-74

CVE History Timeline

Aug 08, 2007 14:33 Initial Analysis
Oct 01, 2021 15:03 Modified Analysis
May 14, 2024 01:47 CVE Modified
Nov 21, 2024 00:34 CVE Modified
← Back to CVE Tracker