Vulnerabilities > CVE-2007-1898 - Unspecified vulnerability in Jetbox CMS 2.1

047910
CVSS 5.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE

Summary

formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters.

Exploit-Db

descriptionJetbox CMS 2.1 Email FormMail.PHP Input Validation Vulnerability. CVE-2007-1898 . Webapps exploit for php platform
idEDB-ID:30040
last seen2016-02-03
modified2007-05-15
published2007-05-15
reporterJesper Jurcenoks
sourcehttps://www.exploit-db.com/download/30040/
titleJetbox CMS 2.1 Email FormMail.PHP Input Validation Vulnerability

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/56801/jetbox-inject.txt
idPACKETSTORM:56801
last seen2016-12-05
published2007-05-17
reporterJesper Jurcenoks
sourcehttps://packetstormsecurity.com/files/56801/jetbox-inject.txt.html
titlejetbox-inject.txt