2 matches found
CVE-2006-4210
numail.inc.php in Andreas Kansok phPay 2.02 and 2.02.1, when registerglobals is enabled, allows remote attackers to use the server as an open mail relay via modified mailtext2, userrow5, numail1, and shopmail parameters. NOTE: some of these details are obtained from third party information...
CVE-2006-4210
CVE-2006-4210 describes a vulnerability in nu_mail.inc.php of Andreas Kansok’s phPay 2.02/2.02.1 where, if register_globals is enabled, a remote attacker can abuse the server as an open mail relay via manipulated parameters (mail_text2, user_row[5], nu_mail_1, shop_mail). The root cause is improp...