Lucene search
K

11 matches found

Github Security Blog
Github Security Blog
added 2024/02/02 8:43 p.m.47 views

PHPMailer Local file inclusion

Impact Arbitrary local file inclusion via the $lang property, remotely exploitable if host application passes unfiltered user data into that property. The 3 CVEs listed are applications that used PHPMailer that were vulnerable to this problem. Patches It's not known exactly when this was fixed in...

7.5CVSS6.3AI score0.01381EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/02/02 8:43 p.m.18 views

GHSA-6H78-85V2-MMCH PHPMailer Shell command injection

PHPMailer before 1.7.4, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php. Impact Shell command injection, remotely exploitable if host application does not filter user data...

6.8CVSS7.2AI score0.02407EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2024/02/02 8:43 p.m.30 views

PHPMailer Shell command injection

PHPMailer before 1.7.4, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php. Impact Shell command injection, remotely exploitable if host application does not filter user data...

6.8CVSS7.8AI score0.02407EPSS
Exploits0References8Affected Software1
OpenVAS
OpenVAS
added 2018/09/25 12:0 a.m.64 views

PHPMailer < 2.0.0 rc1 'SendmailSend' RCE Vulnerability

PHPMailer is prone to a remote code execution RCE vulnerability. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

6.8CVSS7.2AI score0.02407EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2009/06/30 12:0 a.m.48 views

Ubuntu USN-791-1 (moodle)

The remote host is missing an update to moodle announced via advisory USN-791-1. For details, please visit the referenced security advisories. OpenVAS Vulnerability Test $Id: ubuntu7911.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7911.nasl 7969 2017-12-01 09:23:16Z santu $ Description:...

10CVSS0.5AI score0.54003EPSS
Exploits23References1
Tenable Nessus
Tenable Nessus
added 2007/06/27 12:0 a.m.32 views

Debian DSA-1315-1 : libphp-phpmailer - missing input validation

Thor Larholm discovered that libphp-phpmailer, an email transfer class for PHP, performs insufficient input validition if configured to use Sendmail. This allows the execution of arbitrary shell commands. The oldstable distribution sarge doesn't include libphp-phpmailer. %NASLMINLEVEL 70300 C...

6.8CVSS5.7AI score0.02407EPSS
Exploits0References2
Debian
Debian
added 2007/06/19 8:35 p.m.29 views

[SECURITY] [DSA 1315-1] New libphp-phpmailer packages fix arbitrary shell command execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1315-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 19th, 2007 http://www.debian.org/security/faq -...

6.8CVSS6.5AI score0.02407EPSS
Exploits0
OSV
OSV
added 2007/06/14 10:30 p.m.8 views

CVE-2007-3215

PHPMailer 1.7, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php...

7.3AI score
Exploits0References17
Debian CVE
Debian CVE
added 2007/06/14 10:0 p.m.26 views

CVE-2007-3215

PHPMailer 1.7, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php...

6.8CVSS7.3AI score0.02407EPSS
Exploits0
CVE
CVE
added 2007/06/14 10:0 p.m.84 views

CVE-2007-3215

PHPMailer CVE-2007-3215 describes a remote code execution in PHPMailer 1.7 when configured to use Sendmail, allowing shell metacharacters in SendmailSend to execute commands. The issue is noted in multiple advisories (e.g., OSV/GHSA entries) and was fixed in PHPMailer 1.7.4. Public disclosures in...

6.8CVSS7.3AI score0.02407EPSS
Exploits0References17Affected Software1
UbuntuCve
UbuntuCve
added 2007/06/14 12:0 a.m.27 views

CVE-2007-3215

PHPMailer 1.7, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php...

6.8CVSS6.1AI score0.02407EPSS
Exploits0References2
Rows per page
Query Builder