CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2001-1100

sendmessage.cgi in W3Mail 1.0.2, and possibly other CGI programs, allows remote attackers to execute arbitrary commands via shell metacharacters in any field of the 'Compose Message' page.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.015

EPSS Ranking 80.1%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.securityfocus.com/archive/1/218921
http://www.securityfocus.com/bid/3673
http://www.w3mail.org/ChangeLog
https://exchange.xforce.ibmcloud.com/vulnerabilities/7230
http://www.securityfocus.com/archive/1/218921
http://www.securityfocus.com/bid/3673
http://www.w3mail.org/ChangeLog
https://exchange.xforce.ibmcloud.com/vulnerabilities/7230

Products affected by CVE-2001-1100

Spencer Miles » W3mail » Version: 1.0.2

cpe:2.3:a:spencer_miles:w3mail:1.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2001-1100

Products

Pricing

Contact Us