Headline
GHSA-8jc3-5p29-qgjx: PHPMailer Local file inclusion
Impact
Arbitrary local file inclusion via the $lang property, remotely exploitable if host application passes unfiltered user data into that property. The 3 CVEs listed are applications that used PHPMailer that were vulnerable to this problem.
Patches
It’s not known exactly when this was fixed in the host applications, but it was fixed in PHPMailer 5.2.0.
Workarounds
Filter and validate user-supplied data before use.
References
https://nvd.nist.gov/vuln/detail/CVE-2006-5734 https://nvd.nist.gov/vuln/detail/CVE-2007-3215 https://nvd.nist.gov/vuln/detail/CVE-2007-2021 Example exploit: https://www.exploit-db.com/exploits/14893
For more information
If you have any questions or comments about this advisory:
- Open a private issue in the PHPMailer project
Package
composer phpmailer/phpmailer (Composer)
Affected versions
< 5.2.0
Patched versions
5.2.0
Description
Impact
Arbitrary local file inclusion via the $lang property, remotely exploitable if host application passes unfiltered user data into that property. The 3 CVEs listed are applications that used PHPMailer that were vulnerable to this problem.
Patches
It’s not known exactly when this was fixed in the host applications, but it was fixed in PHPMailer 5.2.0.
Workarounds
Filter and validate user-supplied data before use.
References
https://nvd.nist.gov/vuln/detail/CVE-2006-5734
https://nvd.nist.gov/vuln/detail/CVE-2007-3215
https://nvd.nist.gov/vuln/detail/CVE-2007-2021
Example exploit: https://www.exploit-db.com/exploits/14893
For more information
If you have any questions or comments about this advisory:
- Open a private issue in the PHPMailer project
References
- GHSA-8jc3-5p29-qgjx
Synchro published to PHPMailer/PHPMailer
Mar 5, 2020
Published to the GitHub Advisory Database
Feb 2, 2024
Reviewed
Feb 2, 2024
Last updated
Feb 2, 2024