Unrated severityNVD Advisory· Published May 9, 2007· Updated Jun 16, 2026
CVE-2007-2550
CVE-2007-2550
Description
Multiple CRLF injection vulnerabilities in Devellion CubeCart 3.0.15 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a cookie name beginning with "ccSID" to (1) cart.php or (2) index.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
8- osvdb.org/36209nvd
- osvdb.org/36210nvd
- securityreason.com/securityalert/2678nvd
- www.cubecart.com/site/forums/index.phpnvd
- www.securityfocus.com/archive/1/467828/100/0/threadednvd
- www.securityfocus.com/archive/1/468053/100/0/threadednvd
- www.securityfocus.com/bid/23852nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/34141nvd
News mentions
0No linked articles in our index yet.