CVE-2007-3686 Information

Description

CRLF injection vulnerability in db.php in Unobtrusive Ajax Star Rating Bar before 1.2.0 allows remote attackers to inject arbitrary HTTP headers and data via CRLF sequences in the HTTP_REFERER parameter.

Reference

http://secunia.com/advisories/25985
http://www.cirt.net/advisories/unobtrusive_ajax_star_rating.shtml
http://www.osvdb.org/35936
http://www.securityfocus.com/bid/24840
https://exchange.xforce.ibmcloud.com/vulnerabilities/35329
