GHSA-8jc3-5p29-qgjx

Suggest an improvement
Source
https://github.com/advisories/GHSA-8jc3-5p29-qgjx
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-8jc3-5p29-qgjx/GHSA-8jc3-5p29-qgjx.json
JSON Data
https://api.test.osv.dev/v1/vulns/GHSA-8jc3-5p29-qgjx
Aliases
  • CVE-2006-5734
Published
2024-02-02T20:43:57Z
Modified
2024-02-02T21:12:32.813143Z
Summary
PHPMailer Local file inclusion
Details

Impact

Arbitrary local file inclusion via the $lang property, remotely exploitable if host application passes unfiltered user data into that property. The 3 CVEs listed are applications that used PHPMailer that were vulnerable to this problem.

Patches

It's not known exactly when this was fixed in the host applications, but it was fixed in PHPMailer 5.2.0.

Workarounds

Filter and validate user-supplied data before use.

References

https://nvd.nist.gov/vuln/detail/CVE-2006-5734 https://nvd.nist.gov/vuln/detail/CVE-2007-3215 https://nvd.nist.gov/vuln/detail/CVE-2007-2021 Example exploit: https://www.exploit-db.com/exploits/14893

For more information

If you have any questions or comments about this advisory: * Open a private issue in the PHPMailer project

Database specific
{
    "nvd_published_at": null,
    "cwe_ids": [],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2024-02-02T20:43:57Z"
}
References

Affected packages

Packagist / phpmailer/phpmailer

Package

Name
phpmailer/phpmailer
Purl
pkg:composer/phpmailer/phpmailer

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.2.0