Dale Mooney » Contact Form : Security Vulnerabilities, CVEs, CVSS score >= 4
CRLF injection vulnerability in contact.php in Moonware (aka Dale Mooney Gallery) allows remote attackers to add arbitrary mail headers via CRLF sequences in the subject parameter. NOTE: this can be leveraged for spam by adding To or Cc headers.
Max CVSS
4.3
EPSS Score
0.48%
Published
2007-08-31
Updated
2018-10-15
1 vulnerabilities found