PHP4 and PHP5, when used with Sendmail, allow for a security bypass in mb_send_mail.
c145c851aa0176be54e9ab631a049b6fb825e224d09b9d8e6cdba8c73ed9da88
A vulnerability in c-client library versions 2000, 2001, and 2004 allows mail_open to be used as a vector to open a stream to local files, bypassing safemode and open_basedir restrictions.
5cad86568fba36d75b88e0c315daf8dc23941ef4f29307560d79ddef418eca1b