Security Advisory

CVE-2006-7087

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published: 2007-02-28 00:00:00
Last updated: 2024-08-07 20:50:06
Assigner: mitre
State: PUBLISHED

Description

CRLF injection vulnerability in the mail function in Dotdeb PHP before 5.2.0 Rev 3 allows remote attackers to bypass the protection scheme and inject arbitrary email headers via CRLF sequences in the query string, which is processed via the PHP_SELF variable.