Vulnerability Details : CVE-2007-1898
formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters.
Products affected by CVE-2007-1898
- cpe:2.3:a:jetbox:jetbox_cms:2.1:*:*:*:*:*:*:*When used together with: Linux » Linux KernelWhen used together with: Microsoft » Windows 2000When used together with: Microsoft » Windows 2003 ServerWhen used together with: Microsoft » Windows 95When used together with: Microsoft » Windows 98seWhen used together with: Microsoft » Windows MeWhen used together with: Microsoft » Windows XpWhen used together with: Santa Cruz Operation » Sco Unix
Exploit prediction scoring system (EPSS) score for CVE-2007-1898
3.18%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 91 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-1898
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:N |
8.6
|
4.9
|
NIST |
References for CVE-2007-1898
-
http://www.securityfocus.com/archive/1/468644/100/0/threaded
-
http://www.securityfocus.com/bid/23989
-
http://securityreason.com/securityalert/2710
-
http://www.netvigilance.com/advisory0026
Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/34292
-
http://www.securitytracker.com/id?1018063
Vendor Advisory
-
http://www.vupen.com/english/advisories/2007/1831
Jump to