23 matches found
EUVD-2020-0340
Malware in sbrugna...
EUVD-2020-0422
Malware in sbrugna...
EUVD-2021-1277
Malware in sbrugna...
EUVD-2020-0329
Malware in sbrugna...
EUVD-2021-1129
Malware in sbrugna...
EUVD-2024-0536
Malicious code in bioql PyPI...
SUSE CVE-2020-13625
PHPMailer before 6.1.6 contains an output escaping bug when the name of a file attachment contains a double quote character. This can result in the file type being misinterpreted by the receiver or any mail relay processing the message...
UBUNTU-CVE-2021-3603
PHPMailer 6.4.1 and earlier contain a vulnerability that can result in untrusted code being called if such code is injected into the host project's scope by other means. If the $patternselect parameter to validateAddress is set to 'php' the default, defined by PHPMailer::$validator, and the globa...
PT-2021-3321 · Phpmailer · Phpmailer
Name of the Vulnerable Software and Affected Versions: PHPMailer versions prior to 6.5.0 Description: The issue is related to errors in handling the lang path parameter in the setLanguage function of the PHPMailer library. This can allow a remote attacker to execute arbitrary code if the lang pat...
The vulnerability of many functions in the PHPMailer class in the PHPMailer library allows a attacker to compromise data integrity.
The vulnerability of many functions in the PHPMailer class library is related to the lack of mechanisms for encoding or encrypting output data. Exploiting this vulnerability allows a remote attacker to compromise the integrity of data...
Exploit for Argument Injection in Php
This repository is an exploit module for CVE-2018-19518, a vulnerability in the PHPMailer library. The exploit is written in Python and targets the PHPMailer library's use of the "mail" function to send emails. The vulnerability allows an attacker to inject malicious code into the email body, whi...
Unspecified Vulnerability in PHPMailer
PHPMailer is a PHP class library for sending e-mail . A security vulnerability exists in versions of PHPMailer prior to 6.1.6, which stems from the program failing to properly escape double quote characters when the name of a file attachment contains them. An attacker can exploit this vulnerabili...
Exploit for Argument Injection in Phpmailer_Project Phpmailer
This repository contains a collection of Perl scripts, each targeting a specific vulnerability. The vulnerabilities include: 1. CVE-2016-10033: A remote code execution vulnerability in PHPMailer before 5.2.18. 2. CVE-2016-6195: A SQL injection vulnerability in vBulletin before 4.2.2 Patch Level 5...
DEBIAN-CVE-2018-19296
PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object injection attack...
phpmailer -- Multiple vulnerability
The PHPMailer Team reports: CVE-2018-19296:Fix potential object injection vulnerability...
Exploit for Argument Injection in Phpmailer_Project Phpmailer
CVE-2016-10033 This vulnerability affects PHPMailer 5.2.18 a...
F5 Networks BIG-IP : PHPMailer vulnerability (K73926196)
The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP. NOT...
moodle -- multiple vulnerabilities
Marina Glancy reports: MSA-17-0001: System file inclusion when adding own preset file in Boost theme MSA-17-0002: Incorrect sanitation of attributes in forums MSA-17-0003: PHPMailer vulnerability in no-reply address MSA-17-0004: XSS in assignment submission page...
PHPMailer Information Disclosure Vulnerability
PHPMailer is a PHP class library for sending e-mail . A local information disclosure vulnerability exists in PHPMailer versions 5.0.0 through 5.2.22. An attacker can exploit this vulnerability to obtain sensitive information...
CVE-2016-10033
The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a " backslash double quote in a crafted Sender property...