CVE-2007-4073 Information

Description

Webbler CMS before 3.1.6 does not properly restrict use of \mail a friend\ forms which allows remote attackers to send arbitrary amounts of forged e-mail. NOTE: this could be leveraged for spam or phishing attacks.

Reference

http://osvdb.org/38994 http://securityreason.com/securityalert/2955 http://tincan.co.uk/?lid=1975 http://www.procheckup.com/Vulner_2007.php http://www.securityfocus.com/archive/1/474521/100/0/threaded