Ranson Johnson: >> Mailform >> 2.0 Security Vulnerabilities
mailform.pl CGI script in MailForm 2.0 allows remote attackers to read arbitrary files by specifying the file name in the XX-attach_file parameter, which MailForm then sends to the attacker.
CVSS Score
5.0
EPSS Score
0.01
Published
2000-11-14