Vulnerabilities > CVE-2007-2731 - Unspecified vulnerability in Jetbox CMS 2.1
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
PARTIAL Summary
CRLF injection vulnerability in formmail.php in Jetbox CMS 2.1 might allow remote attackers to inject arbitrary e-mail headers via LF (%0A) sequences in the subject parameter, a related issue to CVE-2007-1898.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://securityreason.com/securityalert/2710
- http://www.netvigilance.com/advisory0026
- http://www.osvdb.org/34088
- http://www.securityfocus.com/archive/1/468644/100/0/threaded
- http://www.securityfocus.com/bid/23989
- http://www.securitytracker.com/id?1018063
- http://www.vupen.com/english/advisories/2007/1831
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34292