3 matches found
cgiemail and cgiecho Multiple Security Vulnerabilities (CVE-2017-5613)
SEC-212 Format string injection The ability to supply arbitrary format strings to cgiemail and cgiecho allowed code execution whenever a user was able to provide a cgiemail template file. Use CVE-2017-5613. SEC-214 Open redirect The cgiemail and cgiecho binaries served as an open redirect due to...
CVE-2017-5616
Cross-site scripting XSS vulnerability in cgiemail and cgiecho allows remote attackers to inject arbitrary web script or HTML via the addendum parameter...
CVE-2017-5616
Cross-site scripting XSS vulnerability in cgiemail and cgiecho allows remote attackers to inject arbitrary web script or HTML via the addendum parameter...