Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

phpPGAds/phpAdNew < 2.0.2 HTTP Response Splitting

Medium

Synopsis

The remote host is vulnerable to an HTTP splitting attack.

Description

There is a flaw in the remote phpAdNew/phpPgAds PHP Ads server, a banner management and tracking system written in PHP. This version of phpAdNew/phpPgAds is vulnerable to a HTTP response splitting vulnerability. An attacker exploiting this flaw would be able to redirect users to another site to steal their credentials.

Solution

Upgrade to version 2.0.2 or higher.