CVE-2024-53860 Potential Abuse for Sending Arbitrary Emails in sp-php-email-handler

sp-php-email-handler is a PHP package for handling contact form submissions. Messages sent using this script are vulnerable to abuse, as the script allows anybody to specify arbitrary email recipients and include user-provided content in confirmation emails. This could enable malicious actors to...

SP PHP Email Handler 注入漏洞

SP PHP Email Handler is a PHP package for handling contact form submissions from the individual developer Spencer14420. An injection vulnerability exists in versions of SP PHP Email Handler prior to 1.0.0, which stems from the vulnerability of messages sent to be abused, allowing an attacker to u...

PT-2024-35958 · Unknown · Sp-Php-Email-Handler

Name of the Vulnerable Software and Affected Versions: sp-php-email-handler versions prior to 1.0.0 Description: The sp-php-email-handler PHP package is vulnerable to abuse, allowing malicious actors to specify arbitrary email recipients and include user-provided content in confirmation emails...