MidnightBSD

Advisories for ranson_johnson

CVE-2000-0877 MEDIUM

mailform.pl CGI script in MailForm 2.0 allows remote attackers to read arbitrary files by specifying the file name in the XX-attach_file parameter, which MailForm then sends to the attacker.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ranson_johnson mailform 2.0
CVE-2000-0878 HIGH

The mailto CGI script allows remote attacker to execute arbitrary commands via shell metacharacters in the emailadd form field.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ranson_johnson mailto_cgi_script *