CyberSec.Space Logo
Back to CVE Browser

CVE-2006-2943

HIGH
7.5
CVSS Severity Score
EPSS Score0.1740%
EPSS Percentile17.68th
PublishedJun 12, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

Unspecified vulnerability in CGI-RESCUE WebFORM 4.1 and earlier allows remote attackers to inject email headers, which facilitates sending spam messages. NOTE: the details for this issue are obtained from third party information.

Affected Platforms (CPE)

πŸ“¦
Cgi Rescue

Webform

<= 4.1

References & Advisories

πŸ”— http://jvn.jp/jp/JVN%2339570254/index.html
πŸ”— http://secunia.com/advisories/20515
πŸ”— http://www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20060216124645
πŸ”— http://www.securityfocus.com/bid/18434
πŸ”— http://www.vupen.com/english/advisories/2006/2234
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/27130
πŸ”— http://jvn.jp/jp/JVN%2339570254/index.html
πŸ”— http://secunia.com/advisories/20515

Related Vulnerabilities

CVE-2008-263810.0

Static code injection vulnerability in guestbook.php in 1Book 1.0.1 and earlier allows remote attackers to upload arbitrary PHP co...

CVE-2019-02859.8

The .NET SDK WebForm Viewer in SAP Crystal Reports for Visual Studio (fixed in version 2010) discloses sensitive database informat...

CVE-2019-189259.8

Systematic IRIS WebForms 5.4 and its functionalities can be accessed and used without any form of authentication.

CVE-2020-62198.8

SAP Business Objects Business Intelligence Platform (CrystalReports WebForm Viewer), versions 4.1, 4.2, and Crystal Reports for VS...