CVE-2017-5616
CVE-2017-5616 is a reflected XSS vulnerability in the CGI programs cgiemail and cgiecho, exploitable via the addendum parameter. The issue arises from missing escaping of the addendum data, allowing attackers to inject arbitrary HTML/JavaScript into the response. Affects implementations of cgiema...
CVE-2017-5613
CVE-2017-5613 affects the cgiemail and cgiecho CGI programs. A format-string vulnerability in template handling allows a local attacker with template-file access to execute code as the webserver user. Debian fixed this in package cgiemail 1.6-37+deb7u1 (DLA-869-1) by restricting format strings to...
CVE-2017-5615
CVE-2017-5615 affects the cgiemail and cgiecho binaries, enabling HTTP header injection by supplying a newline in the redirect location. Public references describe an open redirect and header-injection combination across related CVEs in the same package. The Debian advisory (DLA-869-1) fixes the ...