Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS04amMzLTVwMjktcWdqeM4AA5CY

PHPMailer Local file inclusion

Impact

Arbitrary local file inclusion via the $lang property, remotely exploitable if host application passes unfiltered user data into that property. The 3 CVEs listed are applications that used PHPMailer that were vulnerable to this problem.

Patches

It's not known exactly when this was fixed in the host applications, but it was fixed in PHPMailer 5.2.0.

Workarounds

Filter and validate user-supplied data before use.

References

https://nvd.nist.gov/vuln/detail/CVE-2006-5734
https://nvd.nist.gov/vuln/detail/CVE-2007-3215
https://nvd.nist.gov/vuln/detail/CVE-2007-2021
Example exploit: https://www.exploit-db.com/exploits/14893

For more information

If you have any questions or comments about this advisory:

Permalink: https://github.com/advisories/GHSA-8jc3-5p29-qgjx
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS04amMzLTVwMjktcWdqeM4AA5CY
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: 28 days ago
Updated: 28 days ago


Identifiers: GHSA-8jc3-5p29-qgjx, CVE-2006-5734
References:

Affected Packages

packagist:phpmailer/phpmailer
Versions: < 5.2.0
Fixed in: 5.2.0