CRLF injection vulnerability in process_signup.php in PHP Handicapper allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the login parameter. NOTE: the vendor has disputed CVE-2005-3497, and it is possible that the dispute was intended to include this issue as well.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanation2 reference(s) from NVD