Security Advisory

CVE-2003-0979

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2003-12-11 05:00:00

Last updated 2024-08-08 02:12:35

Assigner mitre

State PUBLISHED

Description

FreeScripts VisitorBook LE (visitorbook.pl) does not properly escape line breaks in input, which allows remote attackers to (1) use VisitorBook as an open mail relay, when $mailuser is 1, via extra headers in the email field, or (2) cause the guestbook database to be deleted via a large number of line breaks that exceeds the $max_posts variable.

← Browse all CVEs View on cve.org ↗