Phpmailer Security Vulnerabilities and Issues — Phpmailer CVE List

Lucene search

Phpmailer ProjectPhpmailer

3 matches found

CVE•added 2018/11/16 9:29 a.m.•698 views

CVE-2018-19296

PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object injection attack.

8.8CVSS8.6AI score0.01371EPSS

CVE•added 2021/06/16 6:15 p.m.•99 views

CVE-2021-34551

PHPMailer before 6.5.0 on Windows allows remote code execution if lang_path is untrusted data and has a UNC pathname.

8.1CVSS8.2AI score0.02108EPSS

CVE•added 2021/06/17 12:15 p.m.•96 views

CVE-2021-3603

PHPMailer 6.4.1 and earlier contain a vulnerability that can result in untrusted code being called (if such code is injected into the host project's scope by other means). If the $patternselect parameter to validateAddress() is set to 'php' (the default, defined by PHPMailer::$validator), and the g...

8.1CVSS7.9AI score0.00488EPSS