{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000023.html",
  "dc:date": "2009-04-28T16:35+09:00",
  "dcterms:issued": "2009-04-28T16:35+09:00",
  "dcterms:modified": "2009-04-28T16:35+09:00",
  "description": "FORM2MAIL from CGI RESCUE contains a vulnerability which allows unauthorized email transmission regardless of the configuration.\r\n\r\nFORM2MAIL from CGI RESCUE is a software that sends emails with contents that are input into a HTML form. FORM2MAIL contains a vulnerability which allows unauthorized email transmission regardless of the configuration.\r\n\r\nThis vulnerability has been fixed and an updated version was released on December 13, 2008.",
  "link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000023.html",
  "sec:cpe": {
    "#text": "cpe:/a:cgi_rescue:form2mail",
    "@product": "FORM2MAIL",
    "@vendor": "CGI RESCUE",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "4.3",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2009-000023",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN76370393/index.html",
      "@id": "JVN#76370393",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1590",
      "@id": "CVE-2009-1590",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1590",
      "@id": "CVE-2009-1590",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/34869",
      "@id": "SA34869",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://osvdb.org/54097",
      "@id": "54097",
      "@source": "OSVDB"
    },
    {
      "#text": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000023.html",
      "@id": "JVNDB-2009-000023",
      "@source": "JVNDB_Ja"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-20",
      "@title": "Improper Input Validation(CWE-20)"
    }
  ],
  "title": "FORM2MAIL from CGI RESCUE allows unauthorized email transmission"
}

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000624.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "WebFORM from CGI RESCUE is software which delivers the HTML form inputs via email. WebFORM fails to check the mail headers properly, allowing a remote attacker to send email to arbitrary addresses.\r\n\r\nAccording to the vendor\u0027s information, FORM2MAIL also contains a similar vulnerability, and the fixed version of FORM2MAIL is available.",
  "link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000624.html",
  "sec:cpe": {
    "#text": "cpe:/a:cgi_rescue:form2mail",
    "@product": "FORM2MAIL",
    "@vendor": "CGI RESCUE",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "5.0",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2006-000624",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN39570254/index.html",
      "@id": "JVN#39570254",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2944",
      "@id": "CVE-2006-2944",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2944",
      "@id": "CVE-2006-2944",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/20515",
      "@id": "SA20515",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/18434",
      "@id": "18434",
      "@source": "BID"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2006/2234",
      "@id": "FrSIRT/ADV-2006-2234",
      "@source": "FRSIRT"
    }
  ],
  "title": "CGI RESCUE WebFORM allows unauthorized email transmission"
}