Unrated severityNVD Advisory· Published Jun 16, 2005· Updated Jun 16, 2026
CVE-2005-1951
CVE-2005-1951
Description
Multiple HTTP Response Splitting vulnerabilities in osCommerce 2.2 Milestone 2 and earlier allow remote attackers to spoof web content and poison web caches via hex-encoded CRLF ("%0d%0a") sequences in the (1) products_id or (2) pid parameter to index.php or (3) goto parameter to banner.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:oscommerce:oscommerce:2.1:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:oscommerce:oscommerce:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:oscommerce:oscommerce:2.2_cvs:*:*:*:*:*:*:*
- cpe:2.3:a:oscommerce:oscommerce:2.2_ms1:*:*:*:*:*:*:*
- cpe:2.3:a:oscommerce:oscommerce:2.2_ms2:*:*:*:*:*:*:*
- (no CPE)range: <=2.2 Milestone 2
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.