1631 matches found
PHPMailer Sendmail Argument Injection
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'PHPMailer Sendmail Argument Injection', 'Description' = %q PHPMailer versions up to and including 5.2.19 are affected by a...
openSUSE Security Update : roundcubemail (openSUSE-2016-1533)
This update for roundcubemail fixes the following issues: - A maliciously crafted email could cause untrusted code to be executed cross site scripting using <area href=javascript:... boo982003, CVE-2016-5103 - Avoid HTML styles that could cause potential click jacking boo1001856 - A malicious...
[SECURITY] Fedora 24 Update: php-zendframework-zend-mail-2.7.2-1.fc24
Zend\Mail provides generalized functionality to compose and send both text and MIME-compliant multipart email messages. Mail can be sent with Zend\Mail via the Mail\Transport\Sendmail, Mail\Transport\Smtp or the Mail\Transport\File transport. Of course, you can also implement your own transport b...
[SECURITY] Fedora 25 Update: php-zendframework-zend-mail-2.7.2-1.fc25
Zend\Mail provides generalized functionality to compose and send both text and MIME-compliant multipart email messages. Mail can be sent with Zend\Mail via the Mail\Transport\Sendmail, Mail\Transport\Smtp or the Mail\Transport\File transport. Of course, you can also implement your own transport b...
Security update for roundcubemail (important)
This update for roundcubemail fixes the following issues: - A maliciously crafted email could cause untrusted code to be executed cross site scripting using <area href=javascript:... boo982003, CVE-2016-5103 - Avoid HTML styles that could cause potential click jacking boo1001856 - A maliciousl...
Zend Framework / zend-mail 2.4.11 - Remote Code Execution Exploit
Exploit for php platform in category web applications. See the full advisory URL for the exploit details. // Attacker's input coming from untrusted source such as $_GET, $_POST etc. // For example from a Contact form with sender field $emailfrom = '"attac...
CVE-2016-10034
The setFrom function in the Sendmail adapter in the zend-mail component before 2.4.11, 2.5.x, 2.6.x, and 2.7.x before 2.7.2, and Zend Framework before 2.4.11 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double...
Zend Framework zend-mail 2.4.11 - Remote Code Execution
Zend Framework zend-mail 2.4.11 - Remote Code Execution. See the full advisory URL for the exploit details. // Attacker's input coming from untrusted source such as $_GET, $_POST etc. // For example from a Contact form with sender field $emailfrom = '"attacker" -oQ/tmp/...
SwiftMailer <= 5.4.5-DEV Remote Code Execution (CVE-2016-10074)
DESCRIPTION: SwiftMailer class uses PHP mail function as its default transport. SwiftMailer suffers from the same vulnerability as the one disclosed in PHPMailer in the advisory at:...
Zend Framework / zend-mail < 2.4.11 - Remote Code Execution
See the full advisory URL for the exploit details. // Attacker's input coming from untrusted source such as $_GET, $_POST etc. // For example from a Contact form with sender field $emailfrom = '"attacker" -oQ/tmp/ -X/var/www/cache/phpcode.php "@email.com'; // encoded phpinfo...
PHPMailer Sendmail Argument Injection
PHPMailer versions up to and including 5.2.19 are affected by a vulnerability which can be leveraged by an attacker to write a file with partially controlled contents to an arbitrary location through injection of arguments that are passed to the sendmail binary. This module writes a payload to th...
SwiftMailer 5.4.5-DEV - Remote Code Execution Exploit
Exploit for php platform in category web applications. See the full advisory URL for the exploit details. // Attacker's input coming from untrusted source such as $_GET, $_POST etc. // For example from a Contact form with sender field $emailfrom = '"attacker" -oQ/tmp/...
SwiftMailer 5.4.5-DEV - Remote Code Execution
SwiftMailer 5.4.5-DEV - Remote Code Execution. See the full advisory URL for the exploit details. // Attacker's input coming from untrusted source such as $_GET, $_POST etc. // For example from a Contact form with sender field $emailfrom = '"attacker" -oQ/tmp/...
SwiftMailer < 5.4.5-DEV - Remote Code Execution
See the full advisory URL for the exploit details. // Attacker's input coming from untrusted source such as $_GET, $_POST etc. // For example from a Contact form with sender field $emailfrom = '"attacker" -oQ/tmp/ -X/var/www/cache/phpcode.php "@email.com'; // ------------------...
PHPMailer Bug Leaves Millions of Websites Open to Attack
UPDATE A critical PHPMailer bug tied to the way websites handle email and feedback forms is leaving millions of websites hosted on popular web-publishing platforms such as WordPress, Drupal and Joomla open to attack. The flaw was disclosed by researcher Dawid Golunski of Legal Hackers, who said t...
GLSA-201612-44 : Roundcube: Arbitrary code execution
The remote host is affected by the vulnerability described in GLSA-201612-44 Roundcube: Arbitrary code execution Roundcube, when no SMTP server is configured and the sendmail program is enabled, does not properly restrict the use of custom envelope-from addresses on the sendmail command line...
PHPMailer < 5.2.19 - Sendmail Argument Injection (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'PHPMailer Sendmail Argument Injection', 'Description' = %q PHPMailer versions up to and including 5.2.19 are affected by a...
PHPMailer 5.2.18 - Remote Code Execution (PHP)
PHPMailer 5.2.18 - Remote Code Execution PHP "; // ------------------ // mail param injection via the vulnerability in PHPMailer require_once('class.phpmailer.php'); $mail = new PHPMailer; // defaults to using php "mail" $mail->SetFrom($emailfrom, 'Client Name'...
PHPMailer < 5.2.18 - Remote Code Execution
"; // ------------------ // mail param injection via the vulnerability in PHPMailer require_once('class.phpmailer.php'); $mail = new PHPMailer; // defaults to using php "mail" $mail->SetFrom($emailfrom, 'C...
Roundcube: Arbitrary code execution
Background Free and open source webmail software for the masses, written in PHP. Description Roundcube, when no SMTP server is configured and the sendmail program is enabled, does not properly restrict the use of custom envelope-from addresses on the sendmail command line. Impact An authenticated...