VYPR

W3mail

by Spencer Miles

CVEs (1)

  • CVE-2001-1100Oct 7, 2001
    risk 0.00cvss epss 0.04

    sendmessage.cgi in W3Mail 1.0.2, and possibly other CGI programs, allows remote attackers to execute arbitrary commands via shell metacharacters in any field of the 'Compose Message' page.