5
CVSSv2

CVE-2000-0877

Published: 14/11/2000 Updated: 10/10/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

mailform.pl CGI script in MailForm 2.0 allows remote malicious users to read arbitrary files by specifying the file name in the XX-attach_file parameter, which MailForm then sends to the attacker.

Affected Products

Vendor Product Versions
Ranson JohnsonMailform2.0