phpPGAds/phpAdNew < 2.0.2 HTTP Response Splitting
Medium Nessus Network Monitor Plugin ID 2575
SynopsisThe remote host is vulnerable to an HTTP splitting attack.
DescriptionThere is a flaw in the remote phpAdNew/phpPgAds PHP Ads server, a banner management and tracking system written in PHP. This version of phpAdNew/phpPgAds is vulnerable to a HTTP response splitting vulnerability. An attacker exploiting this flaw would be able to redirect users to another site to steal their credentials.
SolutionUpgrade to version 2.0.2 or higher.