32 matches found
EUVD-2021-1283
Malware in sbrugna...
EUVD-2016-8081
Malware in sbrugna...
EUVD-2021-1129
Malware in sbrugna...
EUVD-2010-4254
Malware in sbrugna...
BIT-WORDPRESS-2020-36326
PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by PHPMailer, even in...
BIT-WORDPRESS-MULTISITE-2020-36326
PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by PHPMailer, even in...
BIT-PHPMAILER-2020-36326
PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by PHPMailer, even in...
BIT-PHPMAILER-2021-34551
PHPMailer before 6.5.0 on Windows allows remote code execution if langpath is untrusted data and has a UNC pathname...
CVE-2020-36326
PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by PHPMailer, even in...
CVE-2021-34551
PHPMailer before 6.5.0 on Windows allows remote code execution if langpath is untrusted data and has a UNC pathname...
CVE-2021-34551
PHPMailer before 6.5.0 on Windows allows remote code execution if langpath is untrusted data and has a UNC pathname...
Remote code execution
PHPMailer before 6.5.0 on Windows allows remote code execution if langpath is untrusted data and has a UNC pathname...
CVE-2021-34551
PHPMailer before 6.5.0 on Windows allows remote code execution if langpath is untrusted data and has a UNC pathname...
CVE-2021-34551
PHPMailer before 6.5.0 on Windows allows remote code execution if langpath is untrusted data and has a UNC pathname...
PHPMailer code issue vulnerability
PHPMailer is a PHP class library for sending emails. PHPMailer is vulnerable to a code issue that allows object injection via addAttachment with a UNC pathname via Phar deserialization. No details of the vulnerability are currently available...
PHPMailer 6.1.8 < 6.4.1 Object Injection Vulnerability
PHPMailer contains an object injection vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Arbitrary Code Execution
phpmailer/phpmailer is vulnerable to arbitrary code execution. An attacker is able to exploit the vulnerability by injecting malicious code via the Phar Deserialization via addAttachment with a UNC pathname...
CVE-2020-36326
PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by PHPMailer, even in...
CVE-2020-36326
PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by PHPMailer, even in...
CVE-2020-36326
PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by PHPMailer, even in...