3 matches found
CVE-2004-0259
The checkreferer function in Formmail.php 5.0 and earlier allows remote attackers to bypass access restrictions via an empty or spoofed HTTP Referer, as demonstrated using an application on the same web server that contains a cross-site scripting XSS issue...
CVE-2004-0259
The CVE affects Formmail.php version 5.0 and earlier, where check_referer() can be bypassed by an empty or spoofed HTTP Referer, enabling access restriction bypass. The vulnerability is demonstrated via an application on the same web server that contains an associated cross-site scripting (XSS) i...
CVE-2004-0259
The checkreferer function in Formmail.php 5.0 and earlier allows remote attackers to bypass access restrictions via an empty or spoofed HTTP Referer, as demonstrated using an application on the same web server that contains a cross-site scripting XSS issue...