Showing 1 - 3 of 3

CVE-2016-10045

Status Candidate

Overview

The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-10033.

Related Files

PHPMailer Sendmail Argument Injection: Posted Jan 4, 2017; Authored by Dawid Golunski, Spencer McIntyre | Site metasploit.com; PHPMailer versions up to and including 5.2.19 are affected by a vulnerability which can be leveraged by an attacker to write a file with partially controlled contents to an arbitrary location through injection of arguments that are passed to the sendmail binary. This Metasploit module writes a payload to the web root of the webserver before then executing it with an HTTP request. The user running PHPMailer must have write access to the specified WEB_ROOT directory and successful exploitation can take a few minutes.; tags | exploit, web, arbitrary, root; advisories | CVE-2016-10033, CVE-2016-10045; MD5 | a8dc72e0680b992ed76e35257184f274; Download | Favorite | Comments (0)

PHPMailer / Zend-mail / SwiftMailer Remote Code Execution: Posted Jan 3, 2017; Authored by Dawid Golunski; This proof of concept exploit aims to execute a reverse shell on the target in the context of the web server user via a vulnerable PHP email library.; tags | exploit, web, shell, php, proof of concept; advisories | CVE-2016-10033, CVE-2016-10034, CVE-2016-10045, CVE-2016-10074; MD5 | a0be91defae2564f4405c81fdeab38cd; Download | Favorite | Comments (0)

PHPMailer Remote Code Execution: Posted Dec 28, 2016; Authored by Dawid Golunski; PHPMailer versions prior to 5.2.20 zero day remote code execution exploit. This bypasses the CVE-2016-10033 patch.; tags | exploit, remote, code execution; advisories | CVE-2016-10033, CVE-2016-10045; MD5 | 866aa935950ebe6d9acfd7e53a16846c; Download | Favorite | Comments (0)

Page 1 of 1 Back 1 Next

Want To Donate?

Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Red Hat 68 files
Ubuntu 41 files
Debian 28 files
Google Security Research 27 files
Gentoo 21 files
Todor Donev 15 files
Sureshbabu Narvaneni 11 files
mjurczyk 9 files
Apple 7 files
lokihardt 6 files

File Archives

Systems

AIX (409)
Apple (1,539)
BSD (333)
Cisco (1,807)
Debian (5,485)
Fedora (1,679)
FreeBSD (1,193)
Gentoo (3,561)
HPUX (865)
iOS (171)
iPhone (103)
IRIX (219)
Juniper (66)
Linux (33,219)
Mac OS X (652)
Mandriva (3,105)
NetBSD (254)
OpenBSD (455)
RedHat (6,401)
Slackware (814)
Solaris (1,569)
SUSE (1,444)
Ubuntu (5,589)
UNIX (8,259)
UnixWare (172)
Windows (5,320)
Other