Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

VelteamJVEL:395

HistoryDec 30, 2016 - 12:00 a.m.

Chronoforms 5.0.13 PHP mailer vulnerability

2016-12-3000:00:00

velteam

vel.joomla.org

155

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.967 High

EPSS

Percentile

99.6%

JSON

Chronoforms 5.0.13 and previous versions include PHP Mailer library vulnerable to CVE-2016-10045

Resolution: update to 5.0.14

Update notice: https://www.chronoengine.com/forums/posts/t102804/p363944/phpmailer-library.html

CPENameOperatorVersion
com_chronoforms5eq5.0.13
com_chronoforms5lt5.0.14

CPE	Name	Operator	Version
	com_chronoforms5	eq	5.0.13
	com_chronoforms5	lt	5.0.14

References

www.chronoengine.com/forums/posts/t102804/p363944/phpmailer-library.html

extensions.joomla.org/extension/chronoforms/

www.chronoengine.com

typo3 3

friendsofphp 1

openvas 10

osv 6

debian 5

packetstorm 6

freebsd 2

myhack58 2

zdt 3

nessus 20

prion 1

veracode 1

alpinelinux 1

debiancve 1

joomla 3

f5 1

exploitpack 3

seebug 2

github 2

cve 1

checkpoint_advisories 1

rapid7blog 1

attackerkb 1

fedora 2

threatpost 2

ubuntucve 2

altlinux 1

exploitdb 3

thn 1

ubuntu 2

archlinux 1

typo3

Remote Code Execution in extension "Maag Sendmail" (maag_sendmail)

2017-07-11 00:00:00

Remote Code Execution in extension "PHPMailer" (bb_phpmailer)

2017-07-11 00:00:00

Remote Code Execution in extension "AH Sendmail" (ah_sendmail)

2017-07-11 00:00:00

friendsofphp

Remote Code Execution

2016-12-28 12:28:04

openvas

Debian Security Advisory DSA 3750-1 (libphp-phpmailer - security update)

2017-01-05 00:00:00

Fedora Update for php-PHPMailer FEDORA-2016-6941d25875

2017-01-10 00:00:00

PHPMailer < 5.2.20 Remote Code Execution Vulnerability

2016-12-29 00:00:00

osv

CVE-2016-10045

2016-12-30 19:59:00

CVE-2016-10033

2016-12-30 19:59:00

Remote code execution in PHPMailer

2020-03-05 22:09:14

debian

[SECURITY] [DSA 3750-1] libphp-phpmailer security update

2016-12-31 10:58:47

[SECURITY] [DSA 3750-2] libphp-phpmailer regression update

2017-01-03 18:32:15

[SECURITY] [DLA 770-2] libphp-phpmailer regression update

2017-01-03 16:00:33

packetstorm

SmartJobBoard 5.0.9 Cross Site Scripting / Information Disclosure

2017-04-04 00:00:00

PHPMailer Remote Code Execution

2016-12-28 00:00:00

PHPMailer Sendmail Argument Injection

2017-01-04 00:00:00

freebsd

phpmailer -- Remote Code Execution

2016-12-28 00:00:00

moodle -- multiple vulnerabilities

2017-01-17 00:00:00

myhack58

WordPress 4.6 remote code execution vulnerability-vulnerability warning-the black bar safety net

2017-05-05 00:00:00

PhpMailer and SwiftMailer, the ZendMail successive exposure of the RCE high-risk vulnerabilities, affecting millions of Web servers-vulnerability warning-the black bar safety net

2017-01-05 00:00:00

zdt

PHPMailer Sendmail Argument Injection Exploit

2017-01-04 00:00:00

PHPMailer 5.2.20 - Remote Code Execution Exploit

2016-12-28 00:00:00

PHPMailer < 5.2.20 with Exim MTA - Remote Code Execution Exploit

2017-06-22 00:00:00

nessus

F5 Networks BIG-IP : PHPMailer vulnerability (K73926196)

2017-05-19 00:00:00

Debian DSA-3750-1 : libphp-phpmailer - security update

2017-01-03 00:00:00

Debian DLA-770-2 : libphp-phpmailer regression update

2017-01-03 00:00:00

prion

Command injection

2016-12-30 19:59:00

veracode

Remote Code Execution (RCE)

2017-07-26 01:24:02

alpinelinux

CVE-2016-10045

2016-12-30 19:59:00

debiancve

CVE-2016-10045

2016-12-30 19:59:00

joomla

Jomres 9.8.22 and previous PHPMailer vulnerability

2016-12-31 00:00:00

[20161205] - PHPMailer Security Advisory

2016-12-30 19:59:00

AcyMailing 5.6.0 PHP Mailer vulnerability

2016-12-28 00:00:00

K73926196 : PHPMailer vulnerability CVE-2016-10045

2017-02-13 00:00:00

exploitpack

PHPMailer 5.2.20 - Remote Code Execution

2016-12-27 00:00:00

PHPMailer 5.2.20 with Exim MTA - Remote Code Execution

2017-06-21 00:00:00

PHPMailer 5.2.20 SwiftMailer 5.4.5-DEV Zend Framework zend-mail 2.4.11 - AIO PwnScriptum Remote Code Execution

2017-01-02 00:00:00

seebug

PHPMailer < 5.2.20 Remote Code Execution (0day Patch Bypass/exploit) (CVE-2016-10045)

2016-12-29 00:00:00

WordPress Core 4.6 - Unauthenticated Remote Code Execution

2017-05-04 00:00:00

github

Remote code execution in PHPMailer

2020-03-05 22:09:17

Remote code execution in PHPMailer

2020-03-05 22:09:14

cve

CVE-2016-10045

2016-12-30 19:59:00

checkpoint_advisories

PHPMailer Mail From Remote Code Execution (CVE-2016-10033; CVE-2016-10045)

2016-12-27 00:00:00

rapid7blog

Metasploit Weekly Wrap-Up

2022-07-01 18:44:47

attackerkb

CVE-2016-10033

2016-12-30 00:00:00

fedora

[SECURITY] Fedora 25 Update: php-PHPMailer-5.2.21-1.fc25

2017-01-06 04:52:02

[SECURITY] Fedora 24 Update: php-PHPMailer-5.2.22-1.fc24

2017-01-17 20:21:44

threatpost

PHPMailer Bug Leaves Millions of Websites Open to Attack

2016-12-27 13:22:54

PHPMailer, SwiftMailer Updates Resolve Critical Remote Code Execution Vulnerabilities

2016-12-29 14:20:38

ubuntucve

CVE-2016-10033

2016-12-30 00:00:00

CVE-2016-10045

2016-12-30 00:00:00

altlinux

Security fix for the ALT Linux 9 package phpipam version 1.26.050-alt1

2016-12-26 00:00:00

exploitdb

PHPMailer < 5.2.20 - Remote Code Execution

2016-12-27 00:00:00

PHPMailer < 5.2.20 / SwiftMailer < 5.4.5-DEV / Zend Framework / zend-mail < 2.4.11 - 'AIO' 'PwnScriptum' Remote Code Execution

2017-01-02 00:00:00

PHPMailer < 5.2.20 with Exim MTA - Remote Code Execution

2017-06-21 00:00:00

thn

Critical Updates — RCE Flaws Found in SwiftMailer, PhpMailer and ZendMail

2017-01-02 23:45:00

ubuntu

PHPMailer vulnerabilities

2023-03-15 00:00:00

PHPMailer vulnerability

2023-03-15 00:00:00

archlinux

[ASA-201701-22] wordpress: multiple issues

2017-01-15 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.967 High

EPSS

Percentile

99.6%

JSON

Related for JVEL:395