Vulnerability Details : CVE-2006-7020
CRLF injection vulnerability in (1) include/inc_act/act_formmailer.php and possibly (2) sample_ext_php/mail_file_form.php in phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote attackers to modify HTTP headers and send spam e-mail via a spoofed HTTP Referer (HTTP_REFERER).
Exploit prediction scoring system (EPSS) score for CVE-2006-7020
Probability of exploitation activity in the next 30 days: 0.60%
CVSS scores for CVE-2006-7020
|Base Score||Base Severity||CVSS Vector||Exploitability Score||Impact Score||Source|