Cgiscript.net » Csmailto : Security Vulnerabilities, CVEs, CVSS score >= 3
CGIscript.net csMailto.cgi program exports feedback to a file that is accessible from the web document root, which could allow remote attackers to obtain sensitive information by directly accessing the file.
Max CVSS
5.0
EPSS Score
3.29%
Published
2002-08-12
Updated
2008-09-05
CGIscript.net csMailto.cgi program allows remote attackers to use csMailto as a "spam proxy" and send mail to arbitrary users via modified (1) form-to, (2) form-from, and (3) form-results parameters.
Max CVSS
7.5
EPSS Score
1.40%
Published
2002-08-12
Updated
2008-09-05
CGIscript.net csMailto.cgi program allows remote attackers to read arbitrary files by specifying the target filename in the form-attachment field.
Max CVSS
5.0
EPSS Score
2.25%
Published
2002-08-12
Updated
2008-09-05
CGIscript.net csMailto.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the form-attachment field.
Max CVSS
7.5
EPSS Score
2.82%
Published
2002-08-12
Updated
2008-09-05
4 vulnerabilities found