VYPR
Unrated severityNVD Advisory· Published Apr 10, 2007· Updated Jun 16, 2026

CVE-2007-1900

CVE-2007-1900

Description

CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter in ext/filter in PHP 5.2.0 and 5.2.1 allows context-dependent attackers to inject arbitrary e-mail headers via an e-mail address with a '\n' character, which causes a regular expression to ignore the subsequent part of the address string.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • PHP/PHP3 versions
    cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*
    • (no CPE)range: >=5.2.0, <=5.2.1

Patches

Vulnerability mechanics

References

27

News mentions

0

No linked articles in our index yet.