CVE-2016-10045

The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-10033.

References

Affected packages

Git / github.com/phpmailer/phpmailer

Affected ranges

Type

GIT

Repo

https://github.com/phpmailer/phpmailer

Events

Introduced

Fixed

efde5edb3da8e1d257e030e3c2d922c4de6e5d09

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "5.2.20"
        }
    ]
}

Type

GIT

Repo

https://github.com/wordpress/wordpress

Events

Introduced

Last affected

14247ee4302378d292863865c643abe99bbfe3c7

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.7"
        }
    ]
}

Affected versions

v2.*

v2.2.1

v5.*

v5.2.0

v5.2.1

v5.2.10

v5.2.11

v5.2.12

v5.2.13

v5.2.14

v5.2.15

v5.2.16

v5.2.17

v5.2.18

v5.2.19

v5.2.2

v5.2.4

v5.2.5

v5.2.6

v5.2.7

v5.2.8

v5.2.9

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-10045.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "1.5.0"
            },
            {
                "last_affected": "3.6.5"
            }
        ]
    }
]