mailing list archives
PHPMailer command execution
From: Thor Larholm <seclists () larholm com>
Date: Mon, 11 Jun 2007 19:46:16 +0200
PHPMailer is a widely deployed utility class used in PHP application to
handle emails sent through sendmail, PHP mailto() or SMTP. It is used in
PHP applications such as WordPress, Mantis, WebCalendar, Group-Office
and Joomla. The last official release happened on July 11, 2005.
If you have configured PHPMailer to use sendmail it has a remote command
execution vulnerability due to a lack of input validation. sendmail is
queried through the popen function which is called with a string
constructed from non-escaped user input.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- PHPMailer command execution Thor Larholm (Jun 11)