Lucene search
MitreCVE-2007-4612HistoryAug 31, 2007 - 12:17 a.m.
CVE-2007-4612
2007-08-3100:17:00
CWE-20
mitre
web.nvd.nist.gov
24
cve-2007-4612
crlf injection
contact.php
moonware
dale mooney gallery
remote attackers
mail headers
spam
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
7.1
Confidence
Low
EPSS
0.005
Percentile
77.5%
CRLF injection vulnerability in contact.php in Moonware (aka Dale Mooney Gallery) allows remote attackers to add arbitrary mail headers via CRLF sequences in the subject parameter. NOTE: this can be leveraged for spam by adding To or Cc headers.
Affected configurations
Node
dale_mooneycontact_form
| Vendor | Product | Version | CPE |
|---|---|---|---|
| dale_mooney | contact_form | * | cpe:2.3:a:dale_mooney:contact_form:*:*:*:*:*:*:*:* |
Related
prion
prion
Crlf injection
2007-08-31 00:17:00
cvelist
cvelist
CVE-2007-4612
2007-08-31 00:00:00
nvd
nvd
CVE-2007-4612
2007-08-31 00:17:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
7.1
Confidence
Low
EPSS
0.005
Percentile
77.5%
Related for CVE-2007-4612