exploitDog

CVE-2007-4612

Опубликовано: 31 авг. 2007

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

CRLF injection vulnerability in contact.php in Moonware (aka Dale Mooney Gallery) allows remote attackers to add arbitrary mail headers via CRLF sequences in the subject parameter. NOTE: this can be leveraged for spam by adding To or Cc headers.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:dale_mooney:contact_form:*:*:*:*:*:*:*:*

EPSS

Процентиль: 55%

0.00319

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-wmjr-xw5g-fq3h

github

почти 4 года назад

CRLF injection vulnerability in contact.php in Moonware (aka Dale Mooney Gallery) allows remote attackers to add arbitrary mail headers via CRLF sequences in the subject parameter. NOTE: this can be leveraged for spam by adding To or Cc headers.

EPSS

Процентиль: 55%

0.00319

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-20