CVE-2007-3215
CVE-2007-3215
PHPMailer 1.7, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://larholm.com/2007/06/11/phpmailer-0day-remote-execution/http://osvdb.org/37206http://osvdb.org/76139http://seclists.org/fulldisclosure/2011/Oct/223http://secunia.com/advisories/25626http://secunia.com/advisories/25755http://secunia.com/advisories/25758http://securityreason.com/securityalert/2802https://exchange.xforce.ibmcloud.com/vulnerabilities/34818http://sourceforge.net/project/shownotes.php?release_id=517428&group_id=157374https://sourceforge.net/tracker/index.php?func=detail&aid=1734811&group_id=26031&atid=385707http://www.debian.org/security/2007/dsa-1315