Description
mailto.exe in Brian Dorricott MAILTO 1.0.9 and earlier allows remote attackers to send SPAM e-mail through remote servers by modifying the sendto, email, server, subject, and resulturl hidden form fields.
Affected products
- brian_dorricott / mailto1.0.7 – 1.0.7
- brian_dorricott / mailto1.0.8 – 1.0.8
- brian_dorricott / mailto1.0.9 – 1.0.9