EUVD-2009-4628

Malware in sbrugna...

BIT-WORDPRESS-2020-36326

PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by PHPMailer, even in...

BIT-PHPMAILER-2020-36326

PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by PHPMailer, even in...

CVE-2020-36326

PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by PHPMailer, even in...

PHPMailer 6.1.8 < 6.4.1 Object Injection Vulnerability

PHPMailer contains an object injection vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2020-36326

PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by PHPMailer, even in...

CVE-2020-36326

PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by PHPMailer, even in...

UBUNTU-CVE-2020-36326

PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by PHPMailer, even in...

CVE-2020-36326

PHPMailer is affected in versions 6.1.8–6.4.0 by an object-injection vulnerability via Phar deserialization when using addAttachment with a UNC pathname. The issue arose after 6.1.8 fixed a UNC-path readability problem, unintentionally removing a block that previously prevented exploitation. Mult...

CVE-2020-36326

PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by PHPMailer, even in...

PHPMailer 代码问题漏洞

PHPMailer is a PHP class library for sending emails. PHPMailer is vulnerable to a code issue that allows object injection via addAttachment with a UNC pathname via Phar deserialization. No details of the vulnerability are currently available...

PT-2018-2631 · Php +2 · Phpmailer +2

Name of the Vulnerable Software and Affected Versions: PHPMailer versions prior to 5.2.27 PHPMailer versions 6.x prior to 6.0.6 Description: The issue is related to insufficient input validation in the PHPMailer library, allowing a remote attacker to perform an object injection attack. This could...

PHPMailer local file read Vulnerability (CVE-2017-5223)

Details source: http://www.freebuf.com/vuls/124820.html Author: Yxlink Affected versions: PHPMailer = 5.2.21 Vulnerability level: High-risk Vulnerability details: Vulnerability file function: class.phpmailer.php the encodeFile function. The function receives a $path variable, and finally the $pat...

Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows

Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows ActiveX settings: Binary path: C:Program Files x86BorlandCaliberRMemsmtp.dll Version: 5.0.0.11 ProgID: EasyMail.SMTP.5 CLSID: 4610E7BF-710F-11D3-813D-00C04F6B92D0 Safe for Scripting: True Safe for Initialization: True...

Quiksoft EasyMail 6 Buffer Overflow

Quiksoft EasyMail 6 AddAttachment Remote Buffer Overflow Exploit function strrepeat input, multiplier return new Arraymultiplier+1.joininput; //windows/exec CMD: calc Size: 144 bytes Encoder: x86/shikataganai ExitFunc: SEH shellcode =...

QuickSoft EasyMail ActiveX buffer overflow

Buffer overflows in connect and AddAttachment methods...

Quiksoft EasyMail 6 &#40;AddAttachment&#41; Remote Buffer Overflow Exploit

html head !-- -- Quiksoft EasyMail 6 AddAttachment Remote Buffer Overflow Exploit -- -- Its old and the latest version doesn't support this method. -- I was bored and a similar post sparked my interest. -- -- Advisory: http://www.bmgsec.com.au/advisory/48/ -- -- Written by: -- bmgsec bmgsec at...

Quiksoft EasyMail 6 - &#039;AddAttachment&#039; Remote Buffer Overflow

Quiksoft EasyMail 6 AddAttachment Remote Buffer Overflow Exploit function strrepeat input, multiplier return new Arraymultiplier+1.joininput; //windows/exec CMD: calc Size: 144 bytes Encoder: x86/shikataganai ExitFunc: SEH shellcode =...

Quiksoft EasyMail 6 (AddAttachment) Remote Buffer Overflow Exploit

Exploit for windows platform in category remote exploits ================================================================== Quiksoft EasyMail 6 AddAttachment Remote Buffer Overflow Exploit ================================================================== Quiksoft EasyMail 6 AddAttachment Remote...

Quiksoft EasyMail 6 - AddAttachment Remote Buffer Overflow

Quiksoft EasyMail 6 - AddAttachment Remote Buffer Overflow Quiksoft EasyMail 6 AddAttachment Remote Buffer Overflow Exploit function strrepeat input, multiplier return new Arraymultiplier+1.joininput; //windows/exec CMD: calc Size: 144 bytes Encoder: x86/shikataganai ExitFunc: SEH shellcode =...