Cgiecho
Sign in to watchby CPanel
CVEs (3)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-5613 | Hig | 0.51 | 7.8 | 0.01 | Mar 3, 2017 | Format string vulnerability in cgiemail and cgiecho allows remote attackers to execute arbitrary code via format string specifiers in a template file. | |
| CVE-2017-5616 | Med | 0.40 | 6.1 | 0.00 | Mar 3, 2017 | Cross-site scripting (XSS) vulnerability in cgiemail and cgiecho allows remote attackers to inject arbitrary web script or HTML via the addendum parameter. | |
| CVE-2017-5615 | Med | 0.40 | 6.1 | 0.00 | Mar 3, 2017 | cgiemail and cgiecho allow remote attackers to inject HTTP headers via a newline character in the redirect location. |