phpmailer – WindowsTechs.com

0-Day Flaws in Vanilla Forums Let Remote Attackers Hack Websites

Posted on May 12, 2017 by Mohit Kumar

A security researcher has publicly disclosed two critical zero-day vulnerabilities in Vanilla Forums, an open source software that powers discussion on over 500,000 websites, which could allow unauthenticated, remote attackers to fully compromise targe… Continue reading 0-Day Flaws in Vanilla Forums Let Remote Attackers Hack Websites→

No Fix for SquirrelMail Remote Code Execution Vulnerability

Posted on April 24, 2017 by Chris Brook

SquirrelMail suffers from a remote code execution vulnerability that could let attackers execute arbitrary commands on the target and compromise the remote system. Continue reading No Fix for SquirrelMail Remote Code Execution Vulnerability→

WordPress 4.7.1 Fixes CSRF, XSS, PHPMailer Vulnerabilities

Posted on January 12, 2017 by Chris Brook

A new WordPress update, pushed this week, resolves eight security issues, including a handful of XSS and CSRF bugs. Continue reading WordPress 4.7.1 Fixes CSRF, XSS, PHPMailer Vulnerabilities→

PHPMailer could put your website at risk: here’s what you need to know

Posted on January 3, 2017 by Paul Ducklin

A security hole in a website component commonly used for generating automatic emails could give crooks complete control over your server. Continue reading PHPMailer could put your website at risk: here’s what you need to know→

Critical Updates — RCE Flaws Found in SwiftMailer, PhpMailer and ZendMail

Posted on January 3, 2017 by Swati Khandelwal

A security researcher recently reported a critical vulnerability in one of the most popular open source PHP libraries used to send emails that allowed a remote attacker to execute arbitrary code in the context of the web server and compromise a web app… Continue reading Critical Updates — RCE Flaws Found in SwiftMailer, PhpMailer and ZendMail→

PHPMailer, SwiftMailer Updates Resolve Critical Remote Code Execution Vulnerabilities

Posted on December 29, 2016 by Chris Brook

Critical remote code execution vulnerabilities in PHPMailer and SwiftMailer, libraries used to send emails via PHP, were patched this week. Continue reading PHPMailer, SwiftMailer Updates Resolve Critical Remote Code Execution Vulnerabilities→

PHPMailer Bug Leaves Millions of Websites Open to Attack

Posted on December 27, 2016 by Tom Spring

A critical PHPMailer bug tied to the way websites handle email and feedback forms is leaving millions of websites hosted on popular web-publishing platforms such as WordPress, Drupal and Joomla open to attack. Continue reading PHPMailer Bug Leaves Millions of Websites Open to Attack→

Critical PHPMailer Flaw leaves Millions of Websites Vulnerable to Remote Exploit

Posted on December 26, 2016 by Mohit Kumar

A critical vulnerability has been discovered in PHPMailer, which is one of the most popular open source PHP libraries to send emails used by more than 9 Million users worldwide.

Millions of PHP websites and popular open source web applications, includ… Continue reading Critical PHPMailer Flaw leaves Millions of Websites Vulnerable to Remote Exploit→

Santa Knows If Your Contact Form Uses PHPMailer < 5.2.18

Posted on December 26, 2016 by Pedro Umbelino

PHPMailer, one of the most used classes for sending emails from within PHP, has a serious vulnerability in versions less than 5.2.18 (current version). The security researcher [Dawid Golunski] just published a limited advisory stating that PHPMailer suffers from a critical flaw that might lead an attacker to achieve remote code execution in the context of the web server user. PHPMailer is used by several open-source projects, among them are: WordPress, Drupal, 1CRM, SugarCRM, Yii and Joomla. A fix has been issued and PHPMailer is urging all users to upgrade their systems.

To trigger this vulnerability (CVE-2016-10033) it seems that …read more

Continue reading Santa Knows If Your Contact Form Uses PHPMailer < 5.2.18→