Crlf injection

CRLF injection vulnerability in contact.php in Moonware aka Dale Mooney Gallery allows remote attackers to add arbitrary mail headers via CRLF sequences in the subject parameter. NOTE: this can be leveraged for spam by adding To or Cc headers...

CVE-2007-4612

CRLF injection vulnerability in contact.php in Moonware aka Dale Mooney Gallery allows remote attackers to add arbitrary mail headers via CRLF sequences in the subject parameter. NOTE: this can be leveraged for spam by adding To or Cc headers...

CVE-2007-4612

CRLF injection vulnerability in contact.php in Moonware aka Dale Mooney Gallery allows remote attackers to add arbitrary mail headers via CRLF sequences in the subject parameter. NOTE: this can be leveraged for spam by adding To or Cc headers...

Email header injection

A problem has been discovered where the internal form engine can be used for sending arbitrary mail headers, using it for purposes which it is not meant for. Component Type: TYPO3 Core Affected Versions: TYPO3 4.x below 4.0.5, 4.1beta, 4.1RC1, TYPO3 Versions 3.x Vulnerability Type: Email header...

Debian DSA-168-1 : php - bypassing safe_mode, CRLF injection

Wojciech Purczynski found out that it is possible for scripts to pass arbitrary text to sendmail as commandline extension when sending a mail through PHP even when safemode is turned on. Passing 5th argument should be disabled if PHP is configured in safemode, which is the case for newer PHP...