Filtered by vendor Instant Web Mail
Subscribe
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0490 | 1 Instant Web Mail | 1 Instant Web Mail | 2024-02-04 | 10.0 HIGH | N/A |
| Instant Web Mail before 0.60 does not properly filter CR/LF sequences, which allows remote attackers to (1) execute arbitrary POP commands via the id parameter in message.php, or (2) modify certain mail message headers via numerous parameters in write.php. | |||||