Groan! First there was SQL injection. Now there is email injection

If your web application is running on PHP. Please be aware of spammers that exploits PHP, mime and smtp by using what we now know as “email injection”.

Google search the term and you will find a lot of link about how it is done, and how to combat it.

In essence, the spammer will inject cc: and bc: and even to: fields to send spam using your mail form pages!


Leave a Reply