CVE-2007-4612

CVE-2007-4612 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

CRLF injection vulnerability in contact.php in Moonware (aka Dale Mooney Gallery) allows remote attackers to add arbitrary mail headers via CRLF sequences in the subject parameter. NOTE: this can be leveraged for spam by adding To or Cc headers.

Learn more about our Contact.