CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 1CVE-2000-0411 – Matt Wright FormMail 1.6/1.7/1.8 - Environmental Variables Disclosure
https://notcve.org/view.php?id=CVE-2000-0411
Matt Wright's FormMail CGI script allows remote attackers to obtain environmental variables via the env_report parameter. • https://www.exploit-db.com/exploits/19906 http://archives.neohapsis.com/archives/bugtraq/2000-05/0125.html http://www.perfectotech.com/blackwatchlabs/vul5_10.html http://www.securityfocus.com/bid/1187 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-1999-0173 – Matt Wright FormMail 1.x - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-1999-0173
FormMail CGI program can be used by web servers other than the host server that the program resides on. • https://www.exploit-db.com/exploits/20486 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0173 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-1999-0172
https://notcve.org/view.php?id=CVE-1999-0172
FormMail CGI program allows remote execution of commands. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0172 •