cPanel 5/6 / Formail-Clone - E-Mail Restriction Bypass
| EKU-ID: 28168 | CVE: OSVDB-4222 | OSVDB-ID: |
| Author: Chad C. Keep | Published: 2003-05-30 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 28168 | CVE: OSVDB-4222 | OSVDB-ID: |
| Author: Chad C. Keep | Published: 2003-05-30 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/7758/info It has been reported that cPanel is prone to an issue where a remote attacker may bypass cPanel Formail-clone local domain checks and have untrusted e-mail delivered in the context of the vulnerable host. This issue may be exploited by an attacker to use the vulnerable host as an open relay. <input type="hidden" name="recipient" value="user1@offsitedomain.(localdomain)co m, user2@offsitedomain.(localdomain)com">