Filtered by vendor Mit Subscriptions
Filtered by product Cgiemail Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2002-1652 1 Mit 1 Cgiemail 2024-11-21 N/A
Buffer overflow in cgicso.c for cgiemail 1.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long query parameter.
CVE-2002-1575 1 Mit 1 Cgiemail 2024-11-21 N/A
cgiemail allows remote attackers to use cgiemail as a spam proxy via CRLF injection of encoded newline (%0a) characters in parameters such as "required-subject," which can be used to modify the CC, BCC, and other header fields in the generated email message.