Vulnerability in Jetbox Jetbox_cms
CVE-2007-2731
CRLF injection vulnerability in formmail.php in Jetbox CMS 2.1 might allow remote attackers to inject arbitrary e-mail headers via LF (%0A) sequences in the subject parameter, a related issue to CVE-2007-1898.
EPSS: 0.016 (72.2th percentile) — read the EPSS interpretation.
Affected products
- Jetbox Jetbox_cms — versions 2.1
- N/a — versions n/a
References
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_MISC, Vendor Advisory)
- cve@mitre.org (x_refsource_SREASON, third-party-advisory)
- cve@mitre.org (vdb-entry, x_refsource_VUPEN)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (x_refsource_OSVDB, vdb-entry)
- cve@mitre.org (Exploit, vdb-entry, x_refsource_BID)