CVE-2009-1777

Matt Wright FormMail 1.92 - CRLF Injection via Redirect Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-1777. PoCs published by USH.

AI-analyzed exploit summary This is a detailed advisory describing multiple vulnerabilities in FormMail 1.92, including XSS, HTTP Response Header Injection, and HTTP Response Splitting. It provides proof-of-concept examples and technical analysis but does not include executable exploit code.

Description

CRLF injection vulnerability in FormMail.pl in Matt Wright FormMail 1.92, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the redirect parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by USH · textwebappsphp
https://www.exploit-db.com/exploits/8950

This is a detailed advisory describing multiple vulnerabilities in FormMail 1.92, including XSS, HTTP Response Header Injection, and HTTP Response Splitting. It provides proof-of-concept examples and technical analysis but does not include executable exploit code.

Classification
Writeup 100%
Attack Type
Xss | Info Leak
Complexity
Moderate
Reliability
Reliable
Target: FormMail 1.92 and possibly earlier versions
No auth needed
Prerequisites: Access to the FormMail script via a web browser or HTTP client
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/503446/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/34929
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/35068

Scores

EPSS 0.0197
EPSS Percentile 77.8%

Details

CWE
CWE-20
Status published
Products (1)
matt_wright/formmail 1.92
Published May 22, 2009
Tracked Since Feb 18, 2026