E-mail injection is not like SQL-injection because after giving it's name a look person first think of an interesting thing like SQL-injection and it can be used for spoofing . It is the most easy task.I won't make it long
Many sites have a contact forum which is called feedback forum.Of course most of them have secure feedback forum but some new site builders can make mistake in it . So a vulnerable feedback forum to E-mail injection can be used for a carbon copy to be sent to another person but not to site . You can find a field in a forum with the name of *YOUR EMAIL*.
Just by entering following string you can use their feedback forum
The uper injection would make a carbon copy of your subject to be sent to the users id which you will write at the place of *firstname.lastname@example.org* . As you can see that there is also *victim2* which means that the subject of your mail would be sent to another person also you can add as much people as you want . Back to the first statement of the injection there is written *email@example.com* so just replace it with any site you want . It can be FACEBOOK as in this you might change that statement to *firstname.lastname@example.org* .
Tags: Fake Email, Vulnerability