VIR Vulnerability Intelligence Relay

Package impact

php Packagist / phpmailer/phpmailer

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2016-10045 critical 9.8 9.8 10y ago Remote code execution in PHPMailer archdebianphp
CVE-2016-10033 high 9.5 6y ago PHPMailer contains a command injection vulnerability because it fails to sanitize user-supplied input. Specifically, this issue affects the 'mail()' function of 'class.phpmailer.php' script. An attac… archdebianphp
CVE-2017-11503 medium 6.1 6.1 9y ago Cross-site scripting in PHPMailer debianphp
CVE-2017-5223 medium 5.5 5.5 10y ago Local file disclosure in PHPMailer susedebianphp
CVE-2015-8476 medium 5.0 11y ago SMTP Injection in PHPMailer debianphp
CVE-2012-0796 medium 4.0 14y ago PHPMailer vulnerable to email header injection php
CVE-2006-5734 unknown 2y ago PHPMailer Local file inclusion php
CVE-2007-3215 unknown 2y ago PHPMailer 1.7, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php. debianphp
CVE-2008-5619 unknown 4y ago html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer before 5.2.10, RoundCube Webmail (roundcubemail) 0.2-1.alpha and 0.2-3.beta, Mahara, and AtMail Open 1.03, allows remote attack… debianphp
CVE-2021-3603 unknown 5y ago PHPMailer untrusted code may be run from an overridden address validator debianphp
CVE-2021-34551 unknown 5y ago Remote Code Execution vulnerability in PHPMailer 6.4.1 running on Windows debianphp
CVE-2020-36326 unknown 5y ago Object injection in PHPMailer/PHPMailer debianphp
CVE-2020-13625 unknown 6y ago Insufficient output escaping of attachment names in PHPMailer debianphp
CVE-2018-19296 unknown 6y ago Phar object injection in PHPMailer debianphp