formmail.php in Jetbox CMS 2.1 allows remote malicious users to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jetbox jetbox_cms 2.1 |