Cgi-rescue » Webform : Security Vulnerabilities, CVEs,
Unspecified vulnerability in CGI-RESCUE WebFORM 4.1 and earlier allows remote attackers to inject email headers, which facilitates sending spam messages. NOTE: the details for this issue are obtained from third party information.
Max CVSS
7.5
EPSS Score
2.39%
Published
2006-06-12
Updated
2017-07-20
Cross-site scripting (XSS) vulnerability in CGI-RESCUE WebFORM 4.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.27%
Published
2007-01-29
Updated
2011-03-08
2 vulnerabilities found