cbcvebase.
CVE-2002-2109
published 2002-12-31

CVE-2002-2109: Matt Wright FormMail 1.9 and earlier allows remote attackers to bypass the HTTP_REFERER check and conduct unauthorized activities via (1) a blank referer, (2)…

PriorityP428high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
2.69%
84.0th percentile
Matt Wright FormMail 1.9 and earlier allows remote attackers to bypass the HTTP_REFERER check and conduct unauthorized activities via (1) a blank referer, (2) a spoofed referer with a trusted domain/URL after the beginning of the referer, or (3) a spoofed referer with a trusted domain/URL in the beginning (hostname) portion of the referer.

Affected

10 ranges
VendorProductVersion rangeFixed in
matt_wrightformmail
matt_wrightformmail
matt_wrightformmail
matt_wrightformmail
matt_wrightformmail
matt_wrightformmail
matt_wrightformmail
matt_wrightformmail
matt_wrightformmail
matt_wrightformmail
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.