
CVE-2021-3603 – Inclusion of Functionality from Untrusted Control Sphere in PHPMailer/PHPMailer
https://notcve.org/view.php?id=CVE-2021-3603
17 Jun 2021 — PHPMailer 6.4.1 and earlier contain a vulnerability that can result in untrusted code being called (if such code is injected into the host project's scope by other means). If the $patternselect parameter to validateAddress() is set to 'php' (the default, defined by PHPMailer::$validator), and the global namespace contains a function called php, it will be called in preference to the built-in validator of the same name. Mitigated in PHPMailer 6.5.0 by denying the use of simple strings as validator function n... • https://github.com/PHPMailer/PHPMailer/commit/45f3c18dc6a2de1cb1bf49b9b249a9ee36a5f7f3 • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
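A reduced model of the validator dispatch described above, added here as an illustration and not taken from PHPMailer's source: the built-in pattern names, the `is_callable()` check and the 6.5.0 string exclusion are modelled on the advisory text, while the function names `validateAddressVulnerable`, `validateAddressFixed` and `builtInValidator` are this example's own.

```php
<?php
// Added example (not PHPMailer's own code): a reduced model of the validator
// dispatch in PHPMailer::validateAddress() before 6.5.0, showing why a global
// function named "php" is called instead of the built-in pattern of that name.

// A function of the same name as the default pattern, injected into the host
// project's global namespace by some other means. It accepts everything.
function php(string $address): bool
{
    return true;
}

/** Stand-in for the built-in patterns (the real 'php' pattern delegates to
 *  filter_var() with FILTER_VALIDATE_EMAIL, as here). */
function builtInValidator(string $address, string $patternselect): bool
{
    switch ($patternselect) {
        case 'php':
        default:
            return filter_var($address, FILTER_VALIDATE_EMAIL) !== false;
    }
}

/** Vulnerable shape (before 6.5.0): any callable is tried first, and a plain
 *  string naming an existing global function satisfies is_callable(). */
function validateAddressVulnerable(string $address, $patternselect = 'php'): bool
{
    if (is_callable($patternselect)) {
        return (bool) call_user_func($patternselect, $address);
    }
    return builtInValidator($address, (string) $patternselect);
}

/** Hardened shape (6.5.0 and later): strings are never treated as callables;
 *  a custom validator must be a closure or an invokable object. */
function validateAddressFixed(string $address, $patternselect = 'php'): bool
{
    if (is_callable($patternselect) && !is_string($patternselect)) {
        return (bool) call_user_func($patternselect, $address);
    }
    return builtInValidator($address, (string) $patternselect);
}

$invalid = 'not an address';
var_dump(validateAddressVulnerable($invalid)); // the global php() decides
var_dump(validateAddressFixed($invalid));      // FILTER_VALIDATE_EMAIL decides

// A custom validator still works in the hardened form when passed as a closure.
$strict = static fn(string $a): bool => (bool) preg_match('/^[a-z0-9.]+@example\.com$/', $a);
var_dump(validateAddressFixed('user@example.com', $strict));
```

The practical check for a host project is the same one the fix makes: grep the global namespace (and every loaded dependency) for functions named after the validator patterns, and pass custom validators as closures rather than as strings.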

CVE-2021-34551
https://notcve.org/view.php?id=CVE-2021-34551
16 Jun 2021 — PHPMailer before 6.5.0 on Windows allows remote code execution if lang_path is untrusted data and has a UNC pathname. lang_path is the directory argument of setLanguage(); the language file found there is included as PHP code, so a UNC path of the form \\host\share\ makes PHP fetch and execute a file served by that host. • https://github.com/PHPMailer/PHPMailer/blob/master/SECURITY.md • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVE-2020-13625 – Ubuntu Security Notice USN-5956-2
https://notcve.org/view.php?id=CVE-2020-13625
08 Jun 2020 — PHPMailer before 6.1.6 contains an output escaping bug when the name of a file attachment contains a double quote character. The name is emitted inside the quoted-string parameters of the attachment's MIME headers (name= in Content-Type and filename= in Content-Disposition), so an unescaped quote terminates the string early and the rest of the name is parsed as further header parameters. This can result in the file type being misinterpreted by the receiver or any mail relay processing the message. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html • CWE-116: Improper Encoding or Escaping of Output •
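The header injection described above, as an added example that is not PHPMailer's code: a naive quoted-string rendering beside an RFC 2045 escaped one, with a small parameter parser standing in for the receiving client or relay. The attachment name and the helper names (`contentTypeNaive`, `contentTypeSafe`, `quoteParam`, `parseParams`) are constructed for this illustration.

```php
<?php
// Added example (not PHPMailer's own code): an attachment name containing a
// double quote breaks out of the quoted-string parameter of the MIME headers
// emitted for attachments (Content-Type name= and Content-Disposition
// filename=), unless the quote is escaped as RFC 2045 requires.

/** Naive rendering of the kind that was vulnerable: the raw name is dropped
 *  straight into the quoted string. */
function contentTypeNaive(string $type, string $name): string
{
    return "{$type}; name=\"{$name}\"";
}

/** RFC 2045 quoted-string: backslash and double quote are escaped with a
 *  backslash; CR and LF must never appear inside a header value at all. */
function quoteParam(string $value): string
{
    $value = str_replace(["\r", "\n"], '', $value);
    return '"' . addcslashes($value, "\\\"") . '"';
}

function contentTypeSafe(string $type, string $name): string
{
    return "{$type}; name=" . quoteParam($name);
}

/** Minimal parameter parser standing in for a receiving mail client or relay:
 *  quoted-string aware (backslash escapes honoured), last occurrence wins. */
function parseParams(string $headerValue): array
{
    $params = [];
    $re = '/;\s*([A-Za-z0-9_-]+)=(?:"((?:[^"\\\\]|\\\\.)*)"|([^;\s]+))/';
    if (preg_match_all($re, $headerValue, $m, PREG_SET_ORDER)) {
        foreach ($m as $match) {
            // Group 3 is the unquoted token form; group 2 the quoted form.
            $value = isset($match[3]) ? $match[3] : stripslashes($match[2]);
            $params[strtolower($match[1])] = $value;
        }
    }
    return $params;
}

// Constructed malicious attachment name: closes the quoted string and smuggles
// in a second name= parameter carrying an executable extension.
$name = 'invoice.pdf"; name="invoice.exe';

$naive = contentTypeNaive('application/pdf', $name);
$safe  = contentTypeSafe('application/pdf', $name);

echo "naive header: Content-Type: {$naive}\n";
print_r(parseParams($naive));   // the smuggled second name= parameter wins
echo "safe header:  Content-Type: {$safe}\n";
print_r(parseParams($safe));    // a single name= parameter, quote kept literally
```

The same escaping applies to the filename= parameter of Content-Disposition; a parser that keeps the first occurrence instead of the last would see a different name, which is exactly the receiver/relay disagreement the advisory warns about.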

CVE-2018-19296 – Ubuntu Security Notice USN-5956-2
https://notcve.org/view.php?id=CVE-2018-19296
16 Nov 2018 — PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object injection attack: an attachment path that carries the phar:// stream wrapper causes PHP to unserialize the archive's metadata when PHPMailer checks the file, so an attacker who can place a crafted phar file and control the path given to addAttachment() can trigger deserialization of attacker-supplied objects. From Ubuntu Security Notice USN-5956-2: Dawid Golunski discovered that PHPMailer was not properly escaping user input data used as arguments to functions executed by the system shell. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 ESM. • https://github.com/PHPMailer/PHPMailer/releases/tag/v5.2.27 • CWE-502: Deserialization of Untrusted Data CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
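Both the phar:// object injection above (CVE-2018-19296) and the UNC lang_path issue (CVE-2021-34551) come down to a caller handing PHPMailer a path that is not a plain local file. The guard below is an added example, not PHPMailer's own code (the library's fixed versions carry their own checks, and upgrading is the primary remedy): it rejects stream wrappers and UNC paths, and optionally pins a path under an allow-listed directory. The function names `isPermittedLocalPath` and `isUnderBaseDir`, and the sample paths, are constructed for this illustration.

```php
<?php
// Added example (not PHPMailer's own code): a path guard for values that will
// reach addAttachment() or setLanguage($code, $lang_path).
//   - phar://...  : PHP unserializes phar metadata when file functions touch
//                   the archive (CVE-2018-19296).
//   - \\host\share: on Windows a UNC lang_path makes the language file include
//                   fetch code from a remote server (CVE-2021-34551).

function isPermittedLocalPath(string $path): bool
{
    // Any scheme / stream wrapper: phar://, php://, data://, ftp://, ...
    if (preg_match('#^[a-z][a-z0-9+.\-]*://#i', $path)) {
        return false;
    }
    // UNC paths in both slash styles: \\host\share and //host/share.
    if (preg_match('#^(?:\\\\\\\\|//)#', $path)) {
        return false;
    }
    // An embedded NUL truncates the path in C-level file APIs.
    if (strpos($path, "\0") !== false) {
        return false;
    }
    return true;
}

/** Stricter guard for directories the application controls: resolve the
 *  candidate and require it to stay under an allow-listed base directory. */
function isUnderBaseDir(string $path, string $baseDir): bool
{
    if (!isPermittedLocalPath($path)) {
        return false;
    }
    $realBase = realpath($baseDir);
    $realPath = realpath($path);
    if ($realBase === false || $realPath === false) {
        return false; // base directory and candidate must both exist
    }
    $realBase = rtrim($realBase, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    return strncmp($realPath, $realBase, strlen($realBase)) === 0;
}

// Constructed sample inputs.
$samples = [
    'phar://uploads/avatar.jpg/x.txt',          // phar wrapper (CVE-2018-19296 shape)
    '\\\\attacker.example\\share\\phpmailer',   // UNC path (CVE-2021-34551 shape)
    '//attacker.example/share/phpmailer',       // UNC, forward-slash form
    __DIR__ . '/language/',                     // an ordinary local directory
];
foreach ($samples as $p) {
    printf("%-45s %s\n", $p, isPermittedLocalPath($p) ? 'permitted' : 'rejected');
}

// Pinning under a base directory: this script is under its own directory,
// a traversal out of it is not.
var_dump(isUnderBaseDir(__FILE__, __DIR__));
var_dump(isUnderBaseDir(__DIR__ . '/../../../../etc/hosts', __DIR__));
```

Call `isUnderBaseDir($lang_path, $languageDir)` before `$mail->setLanguage($code, $lang_path)` and `isPermittedLocalPath($path)` before `$mail->addAttachment($path)`; for uploads, prefer passing the file contents through `addStringAttachment()` so no user-influenced path reaches a file function at all. Note that `realpath()` does not resolve stream wrappers, which is why the wrapper check runs first rather than relying on the resolution failing.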