CVE-2002-0490 in Instant Web Mailinformazioni

Riassunto

di MITRE

Instant Web Mail before 0.60 does not properly filter CR/LF sequences, which allows remote attackers to (1) execute arbitrary POP commands via the id parameter in message.php, or (2) modify certain mail message headers via numerous parameters in write.php.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Divulgazione

12/08/2002

Moderazione

accettato

CPE

pronto

EPSS

0.02749

KEV

no

Attività

molto basso

Fonti

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!