CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Topic: XSS Cross Site Scripting on FormMail.CGI Version: 1.92 Released: April 21, 2002 Manufacturer: http://www.scriptarchive.com/formmail.html By XyborG - [email protected] - http://www.rzweb.com.ar/ Formmai.cgi, it is a utility that serves to send forms by email, among other uses. The operatio...

6.1AI score

Exploits0

CVE•added 2001/01/22 5:0 a.m.•47 views

CVE-2000-0255

The CVE-2000-0255 entry affects the Nbase-Xyplex EdgeBlaster router. The vulnerability arises when an attacker performs a scan for the FormMail CGI program, which can cause a denial of service. Documented impact is network-based, with availability impact described as PARTIAL. The provided sources...

5CVSS7AI score0.00685EPSS

Exploits1References2Affected Software1

Cvelist•added 2001/01/22 5:0 a.m.•14 views

CVE-2000-0255

The Nbase-Xyplex EdgeBlaster router allows remote attackers to cause a denial of service via a scan for the FormMail CGI program...

6.6AI score0.00685EPSS

Exploits1References2

NVD•added 2000/05/10 4:0 a.m.•11 views

CVE-2000-0411

Matt Wright's FormMail CGI script allows remote attackers to obtain environmental variables via the envreport parameter...

5CVSS6.6AI score0.04501EPSS

Exploits0References3

NVD•added 2000/04/05 4:0 a.m.•13 views

CVE-2000-0255

The Nbase-Xyplex EdgeBlaster router allows remote attackers to cause a denial of service via a scan for the FormMail CGI program...

5CVSS6.6AI score0.00685EPSS

Exploits1References2

Tenable Nessus•added 1999/12/01 12:0 a.m.•65 views

Matthew Wright FormMail CGI (formmail.cgi) Arbitrary Mail Relay

The 'formmail.pl' is installed. This CGI has a well known security flaw that lets anyone execute arbitrary commands with the privileges of the HTTP daemon root or nobody. %NASLMINLEVEL 70300 This script was written by Mathieu Perrin See the Nessus Scripts License for details Changes by Tenable: -...

7.5CVSS5.8AI score0.01624EPSS

Exploits0References1

Cvelist•added 1999/09/29 4:0 a.m.•17 views

CVE-1999-0172

FormMail CGI program allows remote execution of commands...

6.9AI score0.01624EPSS

Exploits0References1

CVE•added 1999/09/29 4:0 a.m.•59 views

CVE-1999-0173

CVE-1999-0173 relates to the FormMail CGI program, with multiple sources confirming that it can be used by web servers other than the host where it resides. The connected documentation identifies the affected component as FormMail CGI, but does not provide a detailed root cause or a confirmed fix...

5CVSS7.4AI score0.03047EPSS

Exploits0References1Affected Software1

Cvelist•added 1999/09/29 4:0 a.m.•12 views

CVE-1999-0173

FormMail CGI program can be used by web servers other than the host server that the program resides on...

6.7AI score0.03047EPSS

Exploits0References1

NVD•added 1995/08/02 4:0 a.m.•6 views

CVE-1999-0172

FormMail CGI program allows remote execution of commands...

7.5CVSS0.01624EPSS

Exploits0References1