NVD

Id
65563  
Name
CVE-2006-7020  
Description
CRLF injection vulnerability in (1) include/inc_act/act_formmailer.php and possibly (2) sample_ext_php/mail_file_form.php in phpwcms 1.2.5-DEV and earlier, and 1.1 before RC4, allows remote attackers to modify HTTP headers and send spam e-mail via a spoofed HTTP Referer (HTTP_REFERER).  
Reject
 
CVSS Version
2  
CVSS Score
7.8  
Severity
High  
CVSS Base Score
7.8  
CVSS Impact Subscore
6.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:C/A:N)  
Pub Date
2016-12-20  
Published
2007-02-14  
Modified Date
2011-03-07  
Seq
2006-7020  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
341672 65563 CVE-2006-7020 http://www.phpwcms.de/forum/viewtopic.php?t=10958  View
341673 65563 CVE-2006-7020 ADV-2006-1556  View
341674 65563 CVE-2006-7020 phpwcms-referer-security-bypass(26130)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
54407 JVNDB-2007-003099 phpwcms の include/inc_act/act_formmailer.php などにおける CRLF インジェクションの脆弱性 phpwcms の (1) include/inc_act/act_formmailer.php および (2) sample_ext_php/mail_file_form.php には、CRLF インジェクションの脆弱性が存在します。 CVE-2006-7020 23122 CVE-2006-7020 65563 7.8 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-003099.html 2007-02-14 2012-09-25 View