Description
-
This alert was generated using only banner information. It may be a false positive.
The PHP mail function does not properly sanitize user input. Because of this, a user may pass ASCII control characters to the mail() function that could alter the headers of email. This could result in spoofed mail headers.
Affected PHP versions (up to 4.2.2).
Remediation
- Upgrade PHP to the latest version.
References
Severity
Classification
Tags
Related Vulnerabilities
- WordPress Plugin JC Coupon Cross-Site Scripting (2.5)
- WordPress Plugin Google Pagespeed Insights Cross-Site Scripting (3.0.0)
- WordPress Plugin Visual Form Builder Multiple Cross-Site Scripting Vulnerabilities (2.8.6)
- WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.1)
- WordPress Plugin 123devis-affiliation Cross-Site Scripting (1.0.4)