Leif M. Wright simplestmail.cgi 1.0 - Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2102/info A vulnerabiliy exists in Leif M. Wright's simplestmail.cgi, a script designed to coordinate email responses from web forms. An insecurely-structured call to the open function leads to a failure to properly filte...

simplestmail.cgi Multiple Vulnerabilities

Binary data 1682.prm...

CVE-2001-0024

The CVE-2001-0024 entry concerns the simplestmail.cgi CGI program by Leif Wright, where remote attackers can execute arbitrary commands via shell metacharacters in the MyEmail parameter. This is a remote command execution flaw with high impact (as per NVD) and network attack vector; no concrete e...

Insecure input validation in simplestmail.cgi (remote command execution)

Hi Again, simplestmail.cgi is another Perl cgi written by "Tammie's HUSBAND" Leif Wright. It's available from: http://www.conservatives.net/atheist/scripts/index.html?simplestmail The code is self explanatory: ----code snippet---- $youremail = $contentsbyname'MyEmail'; open MAIL, "|$mailprog...