GHSA-8jc3-5p29-qgjx

Source

https://github.com/advisories/GHSA-8jc3-5p29-qgjx

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-8jc3-5p29-qgjx/GHSA-8jc3-5p29-qgjx.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-8jc3-5p29-qgjx

Aliases

CVE-2006-5734

Published

2024-02-02T20:43:57Z

Modified

2024-02-02T20:58:49.424373Z

Summary

PHPMailer Local file inclusion

Details

Impact

Arbitrary local file inclusion via the $lang property, remotely exploitable if host application passes unfiltered user data into that property. The 3 CVEs listed are applications that used PHPMailer that were vulnerable to this problem.

Patches

It's not known exactly when this was fixed in the host applications, but it was fixed in PHPMailer 5.2.0.

Workarounds

Filter and validate user-supplied data before use.

References

https://nvd.nist.gov/vuln/detail/CVE-2006-5734 https://nvd.nist.gov/vuln/detail/CVE-2007-3215 https://nvd.nist.gov/vuln/detail/CVE-2007-2021 Example exploit: https://www.exploit-db.com/exploits/14893

For more information

If you have any questions or comments about this advisory: * Open a private issue in the PHPMailer project

Database specific

{
    "nvd_published_at": null,
    "cwe_ids": [],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2024-02-02T20:43:57Z"
}

References

Affected packages

Packagist / phpmailer/phpmailer

Package

Name: phpmailer/phpmailer
Purl: pkg:composer/phpmailer/phpmailer

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.2.0