CVE-2007-3215

Published: Jun 14, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

PHPMailer 1.7, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20070611 PHPMailer command execution

mailing-list

x_refsource_BUGTRAQ

DSA-1315

vendor-advisory

x_refsource_DEBIAN

http://sourceforge.net/project/shownotes.php?release_id=517428&group_id=157374

x_refsource_CONFIRM

phpmailer-popen-command-execution(34818)

vdb-entry

x_refsource_XF

25755

third-party-advisory

x_refsource_SECUNIA

2802

third-party-advisory

x_refsource_SREASON

76139

vdb-entry

x_refsource_OSVDB

24417

vdb-entry

x_refsource_BID

https://sourceforge.net/tracker/index.php?func=detail&aid=1734811&group_id=26031&atid=385707

x_refsource_MISC

37206

vdb-entry

x_refsource_OSVDB

ADV-2007-2267

vdb-entry

x_refsource_VUPEN

http://larholm.com/2007/06/11/phpmailer-0day-remote-execution/

x_refsource_MISC

http://yehg.net/lab/pr0js/advisories/%5BvTiger_5.2.1%5D_rce

x_refsource_MISC

25626

third-party-advisory

x_refsource_SECUNIA

25758

third-party-advisory

x_refsource_SECUNIA

ADV-2007-2161

vdb-entry

x_refsource_VUPEN

20111005 vTiger CRM 5.2.x <= Remote Code Execution Vulnerability

mailing-list

x_refsource_FULLDISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-3215

Description

Affected Products

References