Matt Wright FormMail 1.9 and previous versions allows remote malicious users to bypass the HTTP_REFERER check and conduct unauthorized activities via (1) a blank referer, (2) a spoofed referer with a trusted domain/URL after the beginning of the referer, or (3) a spoofed referer with a trusted domain/URL in the beginning (hostname) portion of the referer.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
matt wright formmail 1.3 |
||
matt wright formmail 1.4 |
||
matt wright formmail 1.5 |
||
matt wright formmail 1.6 |
||
matt wright formmail 1.1 |
||
matt wright formmail 1.8 |
||
matt wright formmail 1.0 |
||
matt wright formmail 1.2 |
||
matt wright formmail 1.7 |
||
matt wright formmail 1.9 |