N/A · Formmail.Php · CVE-2004-1431
Name of the Vulnerable Software and Affected Versions:
FormMail.php version 5.0
Description:
The issue allows remote attackers to read arbitrary files by providing a full pathname in the `ar file` parameter.
Recommendations:
For FormMail.php version 5.0, consider restricting access to the `ar file` parameter to prevent exploitation until a patch is available.