Unrated severityNVD Advisory· Published Aug 31, 2007· Updated Jun 16, 2026
CVE-2007-4612
CVE-2007-4612
Description
CRLF injection vulnerability in contact.php in Moonware (aka Dale Mooney Gallery) allows remote attackers to add arbitrary mail headers via CRLF sequences in the subject parameter. NOTE: this can be leveraged for spam by adding To or Cc headers.
Affected products
2- cpe:2.3:a:dale_mooney:contact_form:*:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.