FormMail HTTP_Referer Spoofing Vulnerability

info
discussion
exploit
solution
references

FormMail HTTP_Referer Spoofing Vulnerability

The remote attacker may bypass FormMail's HTTP_REFERER checks by any number of means.

For example, the attacker may send a blank HTTP_REFERER header.

Any other means of forging an HTTP_REFERER are also applicable.