Format string vulnerability in cgiemail and cgiecho allows remote attackers to execute arbitrary code via format string specifiers in a template...
7.8CVSS
7.8AI Score
0.018EPSS
cgiemail and cgiecho allow remote attackers to inject HTTP headers via a newline character in the redirect...
6.1CVSS
6.5AI Score
0.001EPSS
Cross-site scripting (XSS) vulnerability in cgiemail and cgiecho allows remote attackers to inject arbitrary web script or HTML via the addendum...
6.1CVSS
6.1AI Score
0.001EPSS
cgiemail allows remote attackers to use cgiemail as a spam proxy via CRLF injection of encoded newline (%0a) characters in parameters such as "required-subject," which can be used to modify the CC, BCC, and other header fields in the generated email...
7AI Score
0.011EPSS
Buffer overflow in cgicso.c for cgiemail 1.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long query...
8.2AI Score
0.061EPSS