Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS04amMzLTVwMjktcWdqeM4AA5CY

Moderate EPSS: 0.00713% (0.71305 Percentile) EPSS:
Permalink JSON

PHPMailer Local file inclusion

Affected Packages Affected Versions Fixed Versions
packagist:phpmailer/phpmailer < 5.2.0 5.2.0
1,306 Dependent packages
19,318 Dependent repositories
79,187,334 Downloads total

Affected Version Ranges

All affected versions

All unaffected versions

5.2.2, 5.2.4, 5.2.5, 5.2.6, 5.2.7, 5.2.8, 5.2.9, 5.2.10, 5.2.11, 5.2.12, 5.2.13, 5.2.14, 5.2.15, 5.2.16, 5.2.17, 5.2.18, 5.2.19, 5.2.20, 5.2.21, 5.2.22, 5.2.23, 5.2.24, 5.2.25, 5.2.26, 5.2.27, 5.2.28, 6.0.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.1.0, 6.1.1, 6.1.2, 6.1.3, 6.1.4, 6.1.5, 6.1.6, 6.1.7, 6.1.8, 6.2.0, 6.3.0, 6.4.0, 6.4.1, 6.5.0, 6.5.1, 6.5.2, 6.5.3, 6.5.4, 6.6.0, 6.6.1, 6.6.2, 6.6.3, 6.6.4, 6.6.5, 6.7.1, 6.8.0, 6.8.1, 6.9.0, 6.9.1, 6.9.2, 6.9.3

Impact

Arbitrary local file inclusion via the $lang property, remotely exploitable if host application passes unfiltered user data into that property. The 3 CVEs listed are applications that used PHPMailer that were vulnerable to this problem.

Patches

It's not known exactly when this was fixed in the host applications, but it was fixed in PHPMailer 5.2.0.

Workarounds

Filter and validate user-supplied data before use.

References

https://nvd.nist.gov/vuln/detail/CVE-2006-5734
https://nvd.nist.gov/vuln/detail/CVE-2007-3215
https://nvd.nist.gov/vuln/detail/CVE-2007-2021
Example exploit: https://www.exploit-db.com/exploits/14893

For more information

If you have any questions or comments about this advisory:

References:

Identifiers

GHSA-8jc3-5p29-qgjx

CVE-2006-5734

Risk

Severity

Moderate

EPSS

EPSS Percentage: 0.00713

EPSS Percentile: 0.71305

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/PHPMailer/PHPMailer

Date and time

Published

over 1 year ago

Updated

over 1 year ago

API

JSON