2 matches found
WordPress 4.5.x < 4.5.5 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the PHPMailer component in the class.phpmailer.php script due to improper handling of sender email addresses. An...
BigTree CMS - Bypass CSRF filter and execute code with PHPMailer
DESCRIPTION PHPMailer RCE CVE-2016-10033 An independent research uncovered a critical vulnerability in PHPMailer version Sender According to my analysis, if we can control the value of Sender, we can let sendmail save the context to any given path /var/www/html/shell.php, which means code...