| Max CVSS | 6.8 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-2731 | 4.0 |
CRLF injection vulnerability in formmail.php in Jetbox CMS 2.1 might allow remote attackers to inject arbitrary e-mail headers via LF (%0A) sequences in the subject parameter, a related issue to CVE-2007-1898.
|
16-10-2018 - 16:45 | 16-05-2007 - 22:30 | |
| CVE-2007-2732 | 6.8 |
Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS allow remote attackers to inject arbitrary web script or HTML via the (1) path parameter to view/search/; or the (2) companyname, (3) country, (4) email, (5) firstname, (6) middlename,
|
16-10-2018 - 16:45 | 16-05-2007 - 22:30 | |
| CVE-2007-1898 | 5.8 |
formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters.
|
16-10-2018 - 16:41 | 16-05-2007 - 22:30 |