Description
CRLF injection vulnerability in the mb_send_mail function in PHP before 5.1.0 might allow remote attackers to inject arbitrary e-mail headers via line feeds (LF) in the "To" address argument.
Remediation
References
Related Vulnerabilities
WordPress Plugin Royal Gallery 'upload.php' Arbitrary File Upload (2.1)
WebLogic CVE-2017-10137 Vulnerability (CVE-2017-10137)
MySQL CVE-2022-21357 Vulnerability (CVE-2022-21357)
Joomla! Core 3.x.x Security Bypass (3.0.0 - 3.9.19)
WordPress Plugin WP Comment Remix SQL Injection and HTML Injection Vulnerabilities (1.4.3)