WebApp Sec mailing list archives
Re: attacking PHP mail() function with poorly validated email address string
From: xomka <xomka1917 () mail ru>
Date: Sat, 5 Jun 2004 00:41:25 +0400
Hello Serg, Thursday, June 3, 2004, 7:29:17 PM, you wrote: SB> Hi All, SB> I am interested to know if it i possible and if so how to exploit PHP's SB> mail() function (not including spam) assuming user supplied email SB> address was not validated. SB> Cheers, SB> Serg I think , naturally you can send messeges from his name, and use it for social engineering(it opened big possibilityes). For spam certanly:)) -- Best regards, xomka mailto:xomka1917 () mail ru
Current thread:
- attacking PHP mail() function with poorly validated email address string Serg B. (Jun 03)
- Re: attacking PHP mail() function with poorly validated email address string xomka (Jun 04)