VULHUB ™

A vulnerability has been reported for sendform.cgi. Reportedly, sendform.cgi may disclose arbitrary files to remote attackers. The script has an optional feature to send 'blurb files' to the email addresses that are provided on the web form. However, sendform.cgi does not make proper checks for the BlurbFilePath parameter. Thus it is possible for a remote attacker to modify the value of the BlurbFilePath parameter and obtain access to arbitrary files.

A vulnerability has been reported for sendform.cgi. Reportedly, sendform.cgi may disclose arbitrary files to remote attackers. The script has an optional feature to send 'blurb files' to the email addresses that are provided on the web form. However, sendform.cgi does not make proper checks for the BlurbFilePath parameter. Thus it is possible for a remote attacker to modify the value of the BlurbFilePath parameter and obtain access to arbitrary files.