Posted by David Tulloh on 09/19/05 09:19

It looks like somebody is trying to launch an e-mail injection attack.
Looking at your code, I don't think you are vulnerable.

You can read more about e-mail injection at
http://securephp.damonkohler.com/index.php/Email_Injection
You could also send nasty e-mails to PeiCanteenMc@aol.com, telling them
to stop trying to hack your website.


David


Gustav Wiberg wrote:

> Hi there!
>
> I wonder why I get get these kind of mails (look down below in this
> mail) I recieve them sometimes...
> ...I have a code like this...
>
> $name = $_POST["frmNamn"];
> $email = $_POST["frmEpost"];
>
> //Send mail that there is a new member
> //
> mail("info@stammis.com","Ny medlem - Stammis Internet","Namn: $name,
> Epost:$email");
>
>
>
> /G
> http://www.varupiraten.se/
>
>
> Namn: wftmbsbwas@stammis.com
> Content-Type: multipart/mixed; boundary=\"===============0158601545==\"
> MIME-Version: 1.0
> Subject: c1805938
> To: wftmbsbwas@stammis.com
> bcc: PeiCanteenMc@aol.com
> From: wftmbsbwas@stammis.com
>
> This is a multi-part message in MIME format.
>
> --===============0158601545==
> Content-Type: text/plain; charset=\"us-ascii\"
> MIME-Version: 1.0
> Content-Transfer-Encoding: 7bit
>
> aienglpcm
> --===============0158601545==--
> , Epost:wftmbsbwas@stammis.com
>
>

• Next in forum: Re: [PHP] Mail-format...
• Prev in forum: Re: [PHP] Re: headers .vs javascript location.href
• Thread view: Re: [PHP] Mail-format...

[Reply to this message]