2 matches found
PHPMailer Local file inclusion
Impact Arbitrary local file inclusion via the $lang property, remotely exploitable if host application passes unfiltered user data into that property. The 3 CVEs listed are applications that used PHPMailer that were vulnerable to this problem. Patches It's not known exactly when this was fixed in...
CVE-2007-2021
CVE-2007-2021: Multiple PHP remote file inclusion flaws in Pineapple Technologies Lore 1 permit remote code execution via crafted URLs in the lang_path parameter of third_party/phpmailer/class.phpmailer.php or the get_plugin_file_path parameter of third_party/smarty/libs/plugins/function.html_che...