Skip to main content

Cgiemail

3 CVEs product

Monthly

CVE-2017-5616 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in cgiemail and cgiecho allows remote attackers to inject arbitrary web script or HTML via the addendum parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cgiecho Cgiemail
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-5615 MEDIUM This Month

cgiemail and cgiecho allow remote attackers to inject HTTP headers via a newline character in the redirect location. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Cgiecho Cgiemail
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-5613 HIGH This Week

Format string vulnerability in cgiemail and cgiecho allows remote attackers to execute arbitrary code via format string specifiers in a template file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Cgiecho Cgiemail
NVD
CVSS 3.0
7.8
EPSS
0.5%
EPSS 0% CVSS 6.1
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in cgiemail and cgiecho allows remote attackers to inject arbitrary web script or HTML via the addendum parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cgiecho Cgiemail
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

cgiemail and cgiecho allow remote attackers to inject HTTP headers via a newline character in the redirect location. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Cgiecho Cgiemail
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Format string vulnerability in cgiemail and cgiecho allows remote attackers to execute arbitrary code via format string specifiers in a template file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Cgiecho Cgiemail
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy