Description
Matt Wright's FormMail CGI script allows remote attackers to obtain environmental variables via the env_report parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Black Watch Labs · textremotemultiple
https://www.exploit-db.com/exploits/19906
References (3)
Core 3
Core References
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-05/0125.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/1187
URL Repurposed x_refsource_misc
http://www.perfectotech.com/blackwatchlabs/vul5_10.html
Scores
EPSS
0.0450
EPSS Percentile
89.2%
Details
Status
published
Products (1)
matt_wright/formmail
1.6
Published
May 10, 2000
Tracked Since
Feb 18, 2026