3 matches found
cgiemail and cgiecho Multiple Security Vulnerabilities (CVE-2017-5613)
SEC-212 Format string injection The ability to supply arbitrary format strings to cgiemail and cgiecho allowed code execution whenever a user was able to provide a cgiemail template file. Use CVE-2017-5613. SEC-214 Open redirect The cgiemail and cgiecho binaries served as an open redirect due to...
CVE-2017-5614
Open redirect vulnerability in cgiemail and cgiecho allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the 1 success or 2 failure parameter...
CVE-2017-5614
The CVE-2017-5614 issue is an Open Redirect vulnerability in the cgiemail and cgiecho binaries caused by improper handling of the success and failure parameters, enabling an attacker to redirect users to arbitrary URLs and potentially facilitate phishing. Connected sources confirm this vector and...