MidnightBSD

Advisories for joe_lumbroso_acks

CVE-2004-0259 HIGH

The check_referer() function in Formmail.php 5.0 and earlier allows remote attackers to bypass access restrictions via an empty or spoofed HTTP Referer, as demonstrated using an application on the same web server that contains a cross-site scripting (XSS) issue.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
joe_lumbroso_acks formmail.php 5.0
joe_lumbroso_acks formmail.php 2.0