8 matches found
EUVD-2021-1277
Malware in sbrugna...
The vulnerability of the validateAddress function in the PHPMailer library allows a hacker to execute arbitrary code.
The vulnerability of the validateAddress function in the PHPMailer library is related to the inclusion of functions from an unverified and uncontrolled area. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
DEBIAN-CVE-2021-3603
PHPMailer 6.4.1 and earlier contain a vulnerability that can result in untrusted code being called if such code is injected into the host project's scope by other means. If the $patternselect parameter to validateAddress is set to 'php' the default, defined by PHPMailer::$validator, and the globa...
CVE-2021-3603
PHPMailer 6.4.1 and earlier contain a vulnerability that can result in untrusted code being called if such code is injected into the host project's scope by other means. If the $patternselect parameter to validateAddress is set to 'php' the default, defined by PHPMailer::$validator, and the globa...
UBUNTU-CVE-2021-3603
PHPMailer 6.4.1 and earlier contain a vulnerability that can result in untrusted code being called if such code is injected into the host project's scope by other means. If the $patternselect parameter to validateAddress is set to 'php' the default, defined by PHPMailer::$validator, and the globa...
PT-2021-3390 · Phpmailer +3 · Phpmailer +3
Name of the Vulnerable Software and Affected Versions: PHPMailer versions 6.4.1 and earlier Description: The issue is related to the validateAddress function in PHPMailer, which can lead to the execution of untrusted code if such code is injected into the host project's scope by other means. This...
in phpmailer/phpmailer
✍️ Description validateAddress function used to validate email addresses, uses calluserfunc to call the callable from the name of callable provided to the function as an argument $patternselect. But if no argument is passed, the function sets "php" as default value to $patternselect variable on...
UBUNTU-CVE-2015-8476
Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to inject arbitrary SMTP commands via CRLF sequences in an 1 email address to the validateAddress function in class.phpmailer.php or 2 SMTP command to the sendCommand function in class.smtp.php, a different...