- git snapshot of master branch b99412648829471f3a336036f5cd138b8f131721
- install PHPMailer from upstream (fixed CVE-2015-8476,CVE-2016-10033,CVE-2016-10045)

OSVersionArchitecturePackageVersionFilename
ALT Linux9srcphpipam-1.45.031-alt1.src.rpm< 1.26.050-alt1phpipam-1.45.031-alt1.src.rpm
ALT Linux9noarchphpipam-1.45.031-alt1.noarch.rpm< 1.26.050-alt1phpipam-1.45.031-alt1.noarch.rpm
ALT Linux9noarchphpipam-apache2-1.45.031-alt1.noarch.rpm< 1.26.050-alt1phpipam-apache2-1.45.031-alt1.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
ALT Linux	9	src	phpipam-1.45.031-alt1.src.rpm	< 1.26.050-alt1	phpipam-1.45.031-alt1.src.rpm
ALT Linux	9	noarch	phpipam-1.45.031-alt1.noarch.rpm	< 1.26.050-alt1	phpipam-1.45.031-alt1.noarch.rpm
ALT Linux	9	noarch	phpipam-apache2-1.45.031-alt1.noarch.rpm	< 1.26.050-alt1	phpipam-apache2-1.45.031-alt1.noarch.rpm

checkpoint_advisories 1

fedora 4

rapid7blog 1

attackerkb 1

packetstorm 10

joomla 5

openvas 18

ubuntucve 3

osv 10

nessus 26

debian 8

threatpost 3

myhack58 6

freebsd 3

zdt 9

prion 4

veracode 3

debiancve 3

alpinelinux 2

seebug 6

f5 2

exploitpack 8

github 3

cve 4

exploitdb 10

thn 3

typo3 3

saint 6

metasploit 2

friendsofphp 1

hackerone 1

nuclei 1

patchstack 1

mageia 2

ubuntu 2

archlinux 1

rapid7community 1

checkpoint_advisories

PHPMailer Mail From Remote Code Execution (CVE-2016-10033; CVE-2016-10045)

2016-12-27 00:00:00

fedora

[SECURITY] Fedora 25 Update: php-PHPMailer-5.2.21-1.fc25

2017-01-06 04:52:02

[SECURITY] Fedora 24 Update: php-PHPMailer-5.2.22-1.fc24

2017-01-17 20:21:44

[SECURITY] Fedora 22 Update: php-PHPMailer-5.2.14-1.fc22

2016-02-11 13:49:45

rapid7blog

Metasploit Weekly Wrap-Up

2022-07-01 18:44:47

attackerkb

CVE-2016-10033

2016-12-30 00:00:00

packetstorm

PHPMailer Sendmail Argument Injection

2017-01-04 00:00:00

SmartJobBoard 5.0.9 Cross Site Scripting / Information Disclosure

2017-04-04 00:00:00

PHPMailer Remote Code Execution

2016-12-28 00:00:00

joomla

AcyMailing 5.6.0 PHP Mailer vulnerability

2016-12-28 00:00:00

Jomres 9.8.22 and previous PHPMailer vulnerability

2016-12-31 00:00:00

[20161205] - PHPMailer Security Advisory

2016-12-30 19:59:00

openvas

Debian: Security Advisory (DSA-3750)

2023-03-08 00:00:00

Debian: Security Advisory (DSA-3750-1)

2017-01-05 00:00:00

Debian Security Advisory DSA 3750-1 (libphp-phpmailer - security update)

2017-01-05 00:00:00

ubuntucve

CVE-2016-10033

2016-12-30 00:00:00

CVE-2016-10045

2016-12-30 00:00:00

CVE-2015-8476

2015-12-16 00:00:00

osv

Remote code execution in PHPMailer

2020-03-05 22:09:17

CVE-2016-10045

2016-12-30 19:59:00

CVE-2016-10033

2016-12-30 19:59:00

nessus

Fedora 25 : php-PHPMailer (2016-6941d25875)

2017-01-06 00:00:00

Debian DSA-3750-1 : libphp-phpmailer - security update

2017-01-03 00:00:00

F5 Networks BIG-IP : PHPMailer vulnerability (K73926196)

2017-05-19 00:00:00

debian

[SECURITY] [DLA 770-1] libphp-phpmailer security update

2016-12-31 14:24:48

[SECURITY] [DSA 3750-1] libphp-phpmailer security update

2016-12-31 10:48:11

[SECURITY] [DSA 3750-2] libphp-phpmailer regression update

2017-01-03 18:31:58

threatpost

PHPMailer Bug Leaves Millions of Websites Open to Attack

2016-12-27 13:22:54

PHPMailer, SwiftMailer Updates Resolve Critical Remote Code Execution Vulnerabilities

2016-12-29 14:20:38

Vanilla Forums Open Source Software Vulnerable to RCE, Host Header Injection Vulnerability

2017-05-11 16:39:13

myhack58

WordPress 4.6 remote code execution vulnerability-vulnerability warning-the black bar safety net

2017-05-05 00:00:00

PhpMailer and SwiftMailer, the ZendMail successive exposure of the RCE high-risk vulnerabilities, affecting millions of Web servers-vulnerability warning-the black bar safety net

2017-01-05 00:00:00

The widespread use of email components: PHPMailer remote code execution vulnerability exists-vulnerability warning-the black bar safety net

2016-12-28 00:00:00

freebsd

phpmailer -- Remote Code Execution

2016-12-28 00:00:00

phpmailer -- Remote Code Execution

2016-12-26 00:00:00

moodle -- multiple vulnerabilities

2017-01-17 00:00:00

zdt

PHPMailer Sendmail Argument Injection Exploit

2017-01-04 00:00:00

PHPMailer 5.2.20 - Remote Code Execution Exploit

2016-12-28 00:00:00

PHPMailer < 5.2.20 with Exim MTA - Remote Code Execution Exploit

2017-06-22 00:00:00

prion

Command injection

2016-12-30 19:59:00

Command injection

2016-12-30 19:59:00

Crlf injection

2015-12-16 21:59:00

veracode

Remote Code Execution (RCE)

2017-07-26 01:24:02

Remote Code Execution (RCE)

2017-11-29 04:14:19

Multiple CRLF Injection

2017-07-26 08:32:53

debiancve

CVE-2016-10045

2016-12-30 19:59:00

CVE-2016-10033

2016-12-30 19:59:00

CVE-2015-8476

2015-12-16 21:59:00

alpinelinux

CVE-2016-10045

2016-12-30 19:59:00

CVE-2016-10033

2016-12-30 19:59:00

seebug

PHPMailer < 5.2.20 Remote Code Execution (0day Patch Bypass/exploit) (CVE-2016-10045)

2016-12-29 00:00:00

WordPress Core 4.6 - Unauthenticated Remote Code Execution

2017-05-04 00:00:00

PHPMailer < 5.2.18 Remote Code Execution（CVE-2016-10033） (PwnScriptum)

2016-12-26 00:00:00

K73926196 : PHPMailer vulnerability CVE-2016-10045

2017-02-13 00:00:00

K74977440 : PHPMailer vulnerability CVE-2016-10033

2017-01-24 00:00:00

exploitpack

PHPMailer 5.2.20 - Remote Code Execution

2016-12-27 00:00:00

PHPMailer 5.2.20 SwiftMailer 5.4.5-DEV Zend Framework zend-mail 2.4.11 - AIO PwnScriptum Remote Code Execution

2017-01-02 00:00:00

PHPMailer 5.2.20 with Exim MTA - Remote Code Execution

2017-06-21 00:00:00

github

Remote code execution in PHPMailer

2020-03-05 22:09:17

Remote code execution in PHPMailer

2020-03-05 22:09:14

SMTP Injection in PHPMailer

2020-03-05 22:09:19

cve

CVE-2016-10045

2016-12-30 19:59:00

CVE-2016-10033

2016-12-30 19:59:00

CVE-2015-8476

2015-12-16 21:59:00

exploitdb

PHPMailer < 5.2.20 - Remote Code Execution

2016-12-27 00:00:00

PHPMailer < 5.2.20 with Exim MTA - Remote Code Execution

2017-06-21 00:00:00

PHPMailer < 5.2.18 - Remote Code Execution

2016-12-25 00:00:00

thn

Critical Updates — RCE Flaws Found in SwiftMailer, PhpMailer and ZendMail

2017-01-02 23:45:00

Critical PHPMailer Flaw leaves Millions of Websites Vulnerable to Remote Exploit

2016-12-26 00:26:00

0-Day Flaws in Vanilla Forums Let Remote Attackers Hack Websites

2017-05-11 21:33:00

typo3

Remote Code Execution in extension "AH Sendmail" (ah_sendmail)

2017-07-11 00:00:00

Remote Code Execution in extension "Maag Sendmail" (maag_sendmail)

2017-07-11 00:00:00

Remote Code Execution in extension "PHPMailer" (bb_phpmailer)

2017-07-11 00:00:00

saint

PHPMailer Command Injection in WordPress Core via Exim

2017-05-17 00:00:00

PHPMailer Command Injection in WordPress Core via Exim

2017-05-17 00:00:00

PHPMailer PwnScriptum Remote Code Execution

2017-01-05 00:00:00

metasploit

WordPress PHPMailer Host Header Command Injection

2017-05-10 20:17:20

PHPMailer Sendmail Argument Injection

2016-12-29 22:17:06

friendsofphp

Multiple CRLF injection vulnerabilities

2015-11-01 10:15:00

hackerone

Imgur: RCE by command line argument injection to `gm convert` in `/edit/process?a=crop`

2017-03-12 03:46:46

nuclei

WordPress PHPMailer < 5.2.18 - Remote Code Execution

2021-03-24 11:33:21

patchstack

WordPress Huge-IT Video Gallery plugin <=2.0.4 - SQL Injection vulnerability

2017-05-24 00:00:00

mageia

Updated php-phpmailer packages fix CVE-2015-8476

2015-12-24 14:08:20

Updated php-phpmailer packages fix security vulnerabilities

2017-01-27 12:19:09

ubuntu

PHPMailer vulnerability

2023-03-15 00:00:00

PHPMailer vulnerabilities

2023-03-15 00:00:00

archlinux

[ASA-201701-22] wordpress: multiple issues

2017-01-15 00:00:00

rapid7community

Metasploit Wrapup

2017-05-26 19:06:43

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.975 High

EPSS

Percentile

99.9%

JSON

Related for 4B7D8579CE7BE91296E9154BCE619C5F