[原文]CGIscript.net csMailto.cgi program exports feedback to a file that is accessible from the web document root, which could allow remote attackers to obtain sensitive information by directly accessing the file.
csMailto.cgi contains a flaw that may allow a malicious user to access arbitrary files. The issue is triggered when hidden form field values are modified. It is possible that the flaw may allow execution of arbitrary commands on the system resulting in a loss of confidentiality.
Upgrade to version 2.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.