Main Vulnerability Database Exploits ID:11502 - Exploit for Input validation error in PHP - CVE-2007-1718

ID:11502 - Exploit for Input validation error in PHP - CVE-2007-1718

Published: June 9, 2025

Vulnerability identifier: #VU110421

Vulnerability risk: Medium

CVE-ID: CVE-2007-1718

CWE-ID: CWE-20

Exploitation vector: Remote access

Vulnerable software:
PHP

Link to public exploit:

https://www.exploit-db.com/exploits/29784/

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of the (1) Subject or (2) To parameter, as demonstrated by a parameter containing a " " sequence, related to an increment bug in the SKIP_LONG_HEADER_SEP macro.

Remediation

Install update from vendor's website.

ID:11502 - Exploit for Input validation error in PHP - CVE-2007-1718

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human