Lucene search
K

18 matches found

OpenVAS
OpenVAS
added 2023/03/16 12:0 a.m.36 views

Ubuntu: Security Advisory (USN-5956-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.99714EPSS
Exploits67References4
OpenVAS
OpenVAS
added 2023/03/16 12:0 a.m.32 views

Ubuntu: Security Advisory (USN-5956-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.99714EPSS
Exploits67References2
OSV
OSV
added 2023/03/15 7:58 p.m.4 views

USN-5956-2 libphp-phpmailer vulnerability

USN-5956-1 fixed vulnerabilities in PHPMailer. It was discovered that the fix for CVE-2017-11503 was incomplete. This update fixes the problem. Original advisory details: Dawid Golunski discovered that PHPMailer was not properly escaping user input data used as arguments to functions executed by...

6.1CVSS7AI score0.024EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.30 views

Mageia: Security Advisory (MGASA-2017-0022)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8AI score0.99714EPSS
Exploits64References8
Debian
Debian
added 2018/11/23 9:41 a.m.214 views

[SECURITY] [DLA 1591-1] libphp-phpmailer security update

Package : libphp-phpmailer Version : 5.2.9+dfsg-2+deb8u4 CVE IDs : CVE-2017-5223 CVE-2018-19296 It was discovered that there were two vulnerabilities libphp-phpmailer, an email library for the PHP programming language: CVE-2017-5223: Local file disclosure vulnerability via relative path HTML...

8.8CVSS8AI score0.02211EPSS
Exploits6
OpenVAS
OpenVAS
added 2018/11/22 12:0 a.m.33 views

Debian: Security Advisory (DLA-1591-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.3AI score0.02211EPSS
Exploits6References2
Check Point Advisories
Check Point Advisories
added 2018/04/11 12:0 a.m.17 views

PHPMailer Local Information Disclosure (CVE-2017-5223) - Ver2

An information disclosure vulnerability exists in PHPMailer. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

2.1CVSS2AI score0.02143EPSS
Exploits6
Packet Storm
Packet Storm
added 2017/10/26 12:0 a.m.188 views

PHPMailer 5.2.21 Local File Disclosure

Exploit Title: PHPMailer SetFrom$POST"your-email", $POST"your-name"; $address = "admin@localhost"; $mail-AddAddress$address, "root"; if isset$POST'cc' $mail-AddCC$POST"your-email", $POST"your-name"; $mail-Subject = "PHPMailer MsgHTML$POST"your-message"; if!$mail-Send echo "Error: ".$mail-ErrorInf...

2.1CVSS6.3AI score0.02143EPSS
Exploits6
0day.today
0day.today
added 2017/10/26 12:0 a.m.246 views

PHPMailer 5.2.21 Local File Disclosure Exploit

Exploit for php platform in category local exploits Exploit Title: PHPMailer SetFrom$POST"your-email", $POST"your-name"; $address = "email protected"; $mail-AddAddress$address, "root"; if isset$POST'cc' $mail-AddCC$POST"your-email", $POST"your-name"; $mail-Subject = "PHPMailer...

2.1CVSS6.1AI score0.02143EPSS
Exploits6
Exploit DB
Exploit DB
added 2017/10/25 12:0 a.m.46 views

PHPMailer < 5.2.21 - Local File Disclosure

Exploit Title: PHPMailer SetFrom$POST"your-email", $POST"your-name"; $address = "admin@localhost"; $mail-AddAddress$address, "root"; if isset$POST'cc' $mail-AddCC$POST"your-email", $POST"your-name"; $mail-Subject = "PHPMailer MsgHTML$POST"your-message"; if!$mail-Send echo "Error: ".$mail-ErrorInf...

5.5CVSS5.9AI score0.02143EPSS
Exploits6
exploitpack
exploitpack
added 2017/10/25 12:0 a.m.27 views

PHPMailer 5.2.21 - Local File Disclosure

PHPMailer 5.2.21 - Local File Disclosure Exploit Title: PHPMailer SetFrom$POST"your-email", $POST"your-name"; $address = "admin@localhost"; $mail-AddAddress$address, "root"; if isset$POST'cc' $mail-AddCC$POST"your-email", $POST"your-name"; $mail-Subject = "PHPMailer MsgHTML$POST"your-message";...

2.1CVSS5.9AI score0.02143EPSS
Exploits6
Debian
Debian
added 2017/02/06 9:0 a.m.28 views

[SECURITY] [DLA 817-1] libphp-phpmailer security update

Package : libphp-phpmailer Version : 5.1-1.3+deb7u1 CVE ID : CVE-2017-5223 Debian Bug : 853232 It was discovered that there was a local file disclosure vulnerability in libphp-phpmailer, a email transfer class for PHP, where insufficient parsing of HTML messages could potentially be used by...

5.5CVSS5.5AI score0.02143EPSS
Exploits6
Mageia
Mageia
added 2017/01/27 9:19 a.m.58 views

Updated php-phpmailer packages fix security vulnerabilities

It was discovered that PHPMailer, a popular library to send email from PHP applications, allowed a remote attacker to execute code if they were able to provide a crafted Sender address CVE-2016-10033. It was discovered that PHPMailer prior to 5.2.22 contained a local file disclosure vulnerability...

9.8CVSS1.9AI score0.99714EPSS
Exploits64References4
Tenable Nessus
Tenable Nessus
added 2017/01/18 12:0 a.m.148 views

Fedora 24 : php-PHPMailer (2017-c3dc97e1e1)

Version 5.2.22 January 5th 2017 - SECURITY Fix CVE-2017-5223, local file disclosure vulnerability if content passed to msgHTML is sourced from unfiltered user input. Reported by Yongxiang Li of Asiasecurity. The fix for this means that calls to msgHTML without a $basedir will not import images wi...

9.8CVSS7.1AI score0.99714EPSS
Exploits65References6
CVE
CVE
added 2017/01/16 6:0 a.m.146 views

CVE-2017-5223

CVE-2017-5223 affects PHPMailer before 5.2.22. The vulnerability arises in msgHTML, which transforms HTML and may convert relative image URLs to attachments using a base directory. If no base directory is provided, relative URLs become absolute local file paths, enabling local file disclosure whe...

5.5CVSS5.4AI score0.02143EPSS
Exploits6References4Affected Software1
Debian CVE
Debian CVE
added 2017/01/16 6:0 a.m.47 views

CVE-2017-5223

An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML method applies transformations to an HTML document to make it usable as an email message body. One of the transformations is to convert relative image URLs into attachments using a script-provided base directory. If no base...

5.5CVSS5.6AI score0.02143EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2017/01/13 12:0 a.m.37 views

FreeBSD : phpmailer -- Remote Code Execution (7ae0be99-d8bb-11e6-9b7f-d43d7e971a1b)

SecurityFocus reports : PHPMailer is prone to an local information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...

5.5CVSS6AI score0.02143EPSS
Exploits6References3
Friends Of PHP
Friends Of PHP
added 2016/01/06 9:35 p.m.29 views

Local File Disclosure

SECURITY Fix CVE-2017-5223, local file disclosure vulnerability if content passed to msgHTML is sourced from unfiltered user input. Reported by Yongxiang Li of Asiasecurity. The fix for this means that calls to msgHTML without a $basedir will not import images with relative URLs, and relative...

5.5CVSS5.5AI score0.02143EPSS
Exploits6Affected Software1
Rows per page
Query Builder