Matt Wright » Formmail : Security Vulnerabilities, CVEs, CVSS score >= 6
Matt Wright FormMail 1.9 and earlier allows remote attackers to bypass the HTTP_REFERER check and conduct unauthorized activities via (1) a blank referer, (2) a spoofed referer with a trusted domain/URL after the beginning of the referer, or (3) a spoofed referer with a trusted domain/URL in the beginning (hostname) portion of the referer.
Max CVSS
7.5
EPSS Score
0.35%
Published
2002-12-31
Updated
2008-09-05
FormMail.pl in FormMail 1.6 and earlier allows a remote attacker to send anonymous email (spam) by modifying the recipient and message parameters.
Max CVSS
7.5
EPSS Score
2.83%
Published
2001-08-22
Updated
2017-12-19
FormMail CGI program allows remote execution of commands.
Max CVSS
7.5
EPSS Score
1.56%
Published
1995-08-02
Updated
2022-08-17
3 vulnerabilities found