Phpmailer

phpmailer

CVEs (10)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-3603 2Fedoraproject Phpmailer Project 2Fedora Phpmailer Nov 21, 2024 Jun 17, 2021 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 PHPMailer 6.4.1 and earlier contain a vulnerability that can result in untrusted code being called (if such code is injected into the host project's scope by other means). If the $patternselect parameter to validateAddre...Show more PHPMailer 6.4.1 and earlier contain a vulnerability that can result in untrusted code being called (if such code is injected into the host project's scope by other means). If the $patternselect parameter to validateAddress() is set to 'php' (the default, defined by PHPMailer::$validator), and the global namespace contains a function called php, it will be called in preference to the built-in validator of the same name. Mitigated in PHPMailer 6.5.0 by denying the use of simple strings as validator function names.Show less
CVE-2021-34551 2Fedoraproject Phpmailer Project 2Fedora Phpmailer Nov 21, 2024 Jun 16, 2021 N/A· v4 8.1 HIGH· v3 5.1 MEDIUM· v2 PHPMailer before 6.5.0 on Windows allows remote code execution if lang_path is untrusted data and has a UNC pathname.
CVE-2020-36326 2Phpmailer Project Wordpress 2Phpmailer Wordpress Nov 21, 2024 Apr 28, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in...Show more PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by PHPMailer, even in safe contexts. As an unintended side effect, this fix eliminated the code that blocked addAttachment exploitation.Show less
CVE-2020-13625 4Canonical DebianFedoraproject+1 more 4Debian Linux FedoraPhpmailer+1 more Nov 21, 2024 Jun 8, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 PHPMailer before 6.1.6 contains an output escaping bug when the name of a file attachment contains a double quote character. This can result in the file type being misinterpreted by the receiver or any mail relay process...Show more PHPMailer before 6.1.6 contains an output escaping bug when the name of a file attachment contains a double quote character. This can result in the file type being misinterpreted by the receiver or any mail relay processing the message.Show less
CVE-2018-19296 4Debian FedoraprojectPhpmailer Project+1 more 4Debian Linux FedoraPhpmailer+1 more Nov 21, 2024 Nov 16, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object injection attack.
CVE-2017-11503 1Phpmailer Project 1Phpmailer May 13, 2026 Jul 20, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 PHPMailer 5.2.23 has XSS in the "From Email Address" and "To Email Address" fields of code_generator.php.
CVE-2017-5223 1Phpmailer Project 1Phpmailer May 13, 2026 Jan 16, 2017 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML method applies transformations to an HTML document to make it usable as an email message body. One of the transformations is to convert relative ima...Show more An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML method applies transformations to an HTML document to make it usable as an email message body. One of the transformations is to convert relative image URLs into attachments using a script-provided base directory. If no base directory is provided, it resolves to /, meaning that relative image URLs get treated as absolute local file paths and added as attachments. To form a remote vulnerability, the msgHTML method must be called, passed an unfiltered, user-supplied HTML document, and must not set a base directory.Show less
CVE-2016-10045 3Joomla Phpmailer ProjectWordpress 3Joomla PhpmailerWordpress May 6, 2026 Dec 30, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshell...Show more The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-10033.Show less
CVE-2016-10033 3Joomla Phpmailer ProjectWordpress 3Joomla PhpmailerWordpress Apr 21, 2026 Dec 30, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote)...Show more The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.Show less
CVE-2015-8476 2Debian Phpmailer Project 2Debian Linux Phpmailer May 6, 2026 Dec 16, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to inject arbitrary SMTP commands via CRLF sequences in an (1) email address to the validateAddress function in class.phpmailer.php or (2...Show more Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to inject arbitrary SMTP commands via CRLF sequences in an (1) email address to the validateAddress function in class.phpmailer.php or (2) SMTP command to the sendCommand function in class.smtp.php, a different vulnerability than CVE-2012-0796.Show less