Penetration Testing UK

CVE-2005-2854

CVE-2005-2854

Severity Score

5.0

Access Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

Summary

CRLF injection vulnerability in thesitewizard.com chfeedback.pl Feedback Form Perl Script 2.0.1 allows remote attackers to use the script as a mail relay (spam proxy) via CRLF sequences in the (1) name or (2) email fields, which are injected into mail headers.

Learn more about our Penetration Testing services.