| CVE-2016-10033 |
high |
— |
10.0 |
|
|
|
6y ago |
PHPMailer contains a command injection vulnerability because it fails to sanitize user-supplied input. Specifically, this issue affects the 'mail()' function of 'class.phpmailer.php' script. An attac… |
| CVE-2016-10045 |
critical |
9.8 |
10.0 |
|
|
|
10y ago |
Remote code execution in PHPMailer |
| CVE-2017-5223 |
medium |
5.5 |
6.5 |
|
|
|
10y ago |
Local file disclosure in PHPMailer |
| CVE-2017-11503 |
medium |
6.1 |
6.1 |
|
|
|
9y ago |
Cross-site scripting in PHPMailer |
| CVE-2015-8476 |
medium |
— |
5.0 |
|
|
|
11y ago |
SMTP Injection in PHPMailer |
| CVE-2012-0796 |
medium |
— |
4.0 |
|
|
|
14y ago |
PHPMailer vulnerable to email header injection |
| CVE-2008-5619 |
unknown |
— |
1.0 |
|
|
|
4y ago |
html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer before 5.2.10, RoundCube Webmail (roundcubemail) 0.2-1.alpha and 0.2-3.beta, Mahara, and AtMail Open 1.03, allows remote attack… |
| CVE-2006-5734 |
unknown |
— |
— |
|
|
|
2y ago |
PHPMailer Local file inclusion |
| CVE-2007-3215 |
unknown |
— |
— |
|
|
|
2y ago |
PHPMailer 1.7, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php. |
| CVE-2021-3603 |
unknown |
— |
— |
|
|
|
5y ago |
PHPMailer untrusted code may be run from an overridden address validator |
| CVE-2021-34551 |
unknown |
— |
— |
|
|
|
5y ago |
Remote Code Execution vulnerability in PHPMailer 6.4.1 running on Windows |
| CVE-2020-36326 |
unknown |
— |
— |
|
|
|
5y ago |
Object injection in PHPMailer/PHPMailer |
| CVE-2020-13625 |
unknown |
— |
— |
|
|
|
6y ago |
Insufficient output escaping of attachment names in PHPMailer |
| CVE-2018-19296 |
unknown |
— |
— |
|
|
|
6y ago |
Phar object injection in PHPMailer |
