4 matches found
Matt Wright FormMail Multiple cross-site scripting (XSS) vulnerabilities (CVE-2009-1776; CVE-2009-1777)
FormMail is prone to an HTTP-response-splitting vulnerability and multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user, steal...
CVE-2009-1777
creationtimestamp| type| source ---|---|--- 2009-06-15 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/8950...
CVE-2009-1777
CRLF injection vulnerability in FormMail.pl in Matt Wright FormMail 1.92, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the redirect parameter...
CVE-2009-1777
CVE-2009-1777 : CRLF injection vulnerability in Matt Wright FormMail 1.92 (and possibly earlier) allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via the redirect parameter. The vulnerability arises from insufficient input sanitization in FormMail.pl, e...