Vulnerabilities > CVE-2007-4073 - Remote Security vulnerability in Webbler CMS

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

tincan

NVD

Published: 2007-07-30

Updated: 2018-10-15

Summary

Webbler CMS before 3.1.6 does not properly restrict use of "mail a friend" forms, which allows remote attackers to send arbitrary amounts of forged e-mail. NOTE: this could be leveraged for spam or phishing attacks.

Vulnerable Configurations

Part	Description	Count
Application	Tincan Tincan Webbler CMS *	1

References

http://osvdb.org/38994
http://securityreason.com/securityalert/2955
http://tincan.co.uk/?lid=1975
http://www.procheckup.com/Vulner_2007.php
http://www.securityfocus.com/archive/1/474521/100/0/threaded