CVE-2007-2372

Name of the Vulnerable Software and Affected Versions phpMyNewsletter versions 0.8 beta5 and earlier

Description The issue allows remote attackers to compose and send an e-mail message by exploiting a flaw in the admin/send mod.php file. This is possible when administrative credentials are missing, and the script prints a Location header but does not exit. Attackers can send a post request with the subject, message, format, and list id fields to compose the message, and then send it via a direct request for the MsgId value under the admin directory, specifically the "/admin/" endpoint.

Recommendations For phpMyNewsletter versions 0.8 beta5 and earlier, as a temporary workaround, consider restricting access to the admin/send mod.php file until a patch is available. Additionally, restrict the use of the subject, message, format, and list id fields in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.