mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-05 02:01:08 +00:00
736 B
736 B
CVE-2007-0617
Description
The SpamBlocker.dll ActiveX control in Earthlink TotalAccess is marked "safe for scripting," which allows remote attackers to add arbitrary e-mail addresses and domains to the spam blocker whitelist via the (1) AddSenderToWhitelist and (2) AddDomainToWhitelist functions.
POC
Reference
Github
No PoCs found on GitHub currently.