Vulnerability in Apple Mac_os_x

CVE-2007-1898

formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters.

EPSS: 0.026 (83.0th percentile) — read the EPSS interpretation.

Affected products

Apple Mac_os_x
Hp Hp-ux
Hp Tru64
Jetbox Jetbox_cms — versions 2.1
Linux Linux_kernel
Microsoft Windows_2000
Microsoft Windows_2003_server
Microsoft Windows_95
Microsoft Windows_98
Microsoft Windows_98se

References

cve@mitre.org (vdb-entry, x_refsource_XF)
cve@mitre.org (x_refsource_MISC, Vendor Advisory)
cve@mitre.org (x_refsource_SREASON, third-party-advisory)
cve@mitre.org (vdb-entry, x_refsource_VUPEN)
cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
cve@mitre.org (vdb-entry, x_refsource_SECTRACK, Vendor Advisory)
cve@mitre.org (x_refsource_OSVDB, vdb-entry, Vendor Advisory)
cve@mitre.org (vdb-entry, x_refsource_BID)