matt wright

Top products

The 15 most recently published vulnerabilities affecting matt wright.

• CVE-2023-49438An open redirect vulnerability in the python package Flask-Security-Too <=5.3.2 allows attackers to redirect unsuspecting users to malicious sites via a crafted URL by abusing the ?next parameter o...6.1Dec 26, 2023
• CVE-2009-4866Cross-site scripting (XSS) vulnerability in search.cgi in Matt's Script Archive (MSA) Simple Search 1.0 allows remote attackers to inject arbitrary web script or HTML via the terms parameter. NOTE...4.3May 10, 2010
• CVE-2009-1777CRLF injection vulnerability in FormMail.pl in Matt Wright FormMail 1.92, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks ...5.0May 22, 2009
• CVE-2009-1776Multiple cross-site scripting (XSS) vulnerabilities in FormMail.pl in Matt Wright FormMail 1.92, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via javascript: ...4.3May 22, 2009
• CVE-2006-1698Cross-site scripting (XSS) vulnerability in Matt Wright Guestbook 2.3.1 allows remote attackers to execute arbitrary web script or HTML via the (1) url, (2) city, (3) state, or (4) country paramete...4.3Apr 11, 2006
• CVE-2006-1697Cross-site scripting (XSS) vulnerability in Matt Wright Guestbook 2.3.1 allows remote attackers to execute arbitrary web script or HTML via the (1) Your Name, (2) E-Mail, or (3) Comments fields whe...4.3Apr 11, 2006
• CVE-2002-2109Matt Wright FormMail 1.9 and earlier allows remote attackers to bypass the HTTP_REFERER check and conduct unauthorized activities via (1) a blank referer, (2) a spoofed referer with a trusted domai...7.5Aug 5, 2005
• CVE-2002-1771Matt Wright FormMail 1.9 and earlier allows remote attackers to send spam or anonymous e-mail by injecting a newline character followed by CC:, BCC:, or additional TO: fields in the email and realn...5.0Jun 21, 2005
• CVE-1999-0930wwwboard allows a remote attacker to delete message board articles via a malformed argument.5.0Mar 9, 2002
• CVE-2001-0937PGPMail.pl 1.31 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) recipient or (2) pgpuserid parameters.7.5Feb 2, 2002
• CVE-1999-1479The textcounter.pl by Matt Wright allows remote attackers to execute arbitrary commands via shell metacharacters.10.0Sep 12, 2001
• CVE-1999-1053guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache...7.5Sep 12, 2001
• CVE-1999-1051Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers ...5.0Sep 12, 2001
• CVE-1999-1050Directory traversal vulnerability in Matt Wright FormHandler.cgi script allows remote attackers to read arbitrary files via (1) a .. (dot dot) in the reply_message_attach attachment parameter, or (...5.0Sep 12, 2001
• CVE-1999-1377Matt Wright's download.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter.5.0Sep 12, 2001