Vulnerabilities > CVE-2005-2854 - Unspecified vulnerability in Thesitewizard.Com Chfeedback.Pl Feedback Form Perl Script 2.0.1

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

thesitewizard-com

NVD

Published: 2005-09-08

Updated: 2008-09-05

Summary

CRLF injection vulnerability in thesitewizard.com chfeedback.pl Feedback Form Perl Script 2.0.1 allows remote attackers to use the script as a mail relay (spam proxy) via CRLF sequences in the (1) name or (2) email fields, which are injected into mail headers.

Vulnerable Configurations

Part	Description	Count
Application	Thesitewizard.Com Thesitewizard.Com Chfeedback.Pl Feedback Form Perl Script 2.0.1	1

References

http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0094.html
http://www.securityfocus.com/bid/14749