Description
CRLF injection vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8 allows remote attackers to inject headers of outgoing e-mail messages and use Drupal as a spam proxy.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP-Cal 'id' Parameter SQL Injection (0.3)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5340)
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Directory Traversal (1.3.33)