Cgiscript.net: >> Csmailto Security Vulnerabilities
CGIscript.net csMailto.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the form-attachment field.
CVSS Score
7.5
EPSS Score
0.066
Published
2002-08-12
CGIscript.net csMailto.cgi program allows remote attackers to read arbitrary files by specifying the target filename in the form-attachment field.
CVSS Score
5.0
EPSS Score
0.013
Published
2002-08-12
CGIscript.net csMailto.cgi program allows remote attackers to use csMailto as a "spam proxy" and send mail to arbitrary users via modified (1) form-to, (2) form-from, and (3) form-results parameters.
CVSS Score
7.5
EPSS Score
0.012
Published
2002-08-12
CGIscript.net csMailto.cgi program exports feedback to a file that is accessible from the web document root, which could allow remote attackers to obtain sensitive information by directly accessing the file.
CVSS Score
5.0
EPSS Score
0.009
Published
2002-08-12