VYPR
Unrated severityNVD Advisory· Published Aug 31, 2007· Updated Jun 16, 2026

CVE-2007-4612

CVE-2007-4612

Description

CRLF injection vulnerability in contact.php in Moonware (aka Dale Mooney Gallery) allows remote attackers to add arbitrary mail headers via CRLF sequences in the subject parameter. NOTE: this can be leveraged for spam by adding To or Cc headers.

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.