mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 19:16:22 +00:00
736 B
736 B
CVE-2007-0617
Description
The SpamBlocker.dll ActiveX control in Earthlink TotalAccess is marked "safe for scripting," which allows remote attackers to add arbitrary e-mail addresses and domains to the spam blocker whitelist via the (1) AddSenderToWhitelist and (2) AddDomainToWhitelist functions.
POC
Reference
Github
No PoCs found on GitHub currently.