CVE-2007-0547

CGI-RESCUE WebFORM 4.3 and earlier has a cross-site scripting (XSS) vulnerability allowing remote injection of arbitrary script/HTML via unspecified vectors. Affected: WebFORM CGI script (Perl). Impact: arbitrary script execution in the user’s browser; CVSS v2 base score 4.3 (MEDIUM). Remediation...

CVE-2006-2943

CVE-2006-2943 affects CGI RESCUE WebFORM 4.1 and earlier . The vulnerability arises from improper handling of mail headers, allowing remote attackers to inject headers and thereby send spam messages. The root cause is inadequate validation of email headers in WebFORM’s mail transmission pathway. ...