Dotdeb: Security Vulnerabilities
CRLF injection vulnerability in the mail function in Dotdeb PHP before 5.2.0 Rev 3 allows remote attackers to bypass the protection scheme and inject arbitrary email headers via CRLF sequences in the query string, which is processed via the PHP_SELF variable.
CVSS Score
5.0
EPSS Score
0.01
Published
2007-03-02