Debian Linux Security Advisory 3769-1 - Dawid Golunski from LegalHackers discovered that PHP Swift Mailer, a mailing solution for PHP, did not correctly validate user input. This allowed a remote attacker to execute arbitrary code by passing specially formatted email addresses in specific email headers.
35e5943384aadc42f6da685cc43be28c
This proof of concept exploit aims to execute a reverse shell on the target in the context of the web server user via a vulnerable PHP email library.
a0be91defae2564f4405c81fdeab38cd
SwiftMailer versions prior to 5.4.5-DEV suffers from a remote code execution vulnerability.
867421c2ab76adf20394234a4a466e45