Vulnerabilities (CVE)

Filtered by vendor Mit Subscribe
Filtered by product Cgiemail
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-1652 1 Mit 1 Cgiemail 2024-02-28 7.5 HIGH N/A
Buffer overflow in cgicso.c for cgiemail 1.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long query parameter.
CVE-2002-1575 1 Mit 1 Cgiemail 2024-02-28 5.0 MEDIUM N/A
cgiemail allows remote attackers to use cgiemail as a spam proxy via CRLF injection of encoded newline (%0a) characters in parameters such as "required-subject," which can be used to modify the CC, BCC, and other header fields in the generated email message.