XOOPS 
Forum
Forum Index General Forums Community Support Modules Support Themes Support Development International Support Module Hack Reviews Theme Designer Talk
  1. Board index / 
  2. Xoops Development / 
  3. Xoops Bug Reports 
  4.  / [Fixed] command injection of phpmailer ? is this really important?
Register
11
vaughan
Re: [Fixed] command injection of phpmailer ? is this really important?

  • 2007/6/14 17:55

  • vaughan

  • Friend of XOOPS

  • Posts: 680

  • Since: 2005/11/26


Line 393 in the SendmailSend function in class.phpmailer.php has the vulnerable code. If the Sender property is set by the initiating script it is possible to execute arbitrary commands.

The Sender property is most typically set in the host application by reading the value of the e-mail field or comment forms, which is where most attack vectors will be found.

The solution of course is to properly escape the input with the escapeshellarg() or escapeshellcmd() functions.

above taken fromhttp://larholm.com/2007/06/11/phpmailer-0day-remote-execution/

maybe it isn't necessary to escape this->sendmail, i didn't write the solution i only passed the solution on.

but either way, it's more secure having it there is it not? (and it certainly doesn't do any harm)
12
macmend
Re: [Fixed] command injection of phpmailer ? is this really important?

  • 2008/11/24 16:08

  • macmend

  • Quite a regular

  • Posts: 285

  • Since: 2004/2/27


is this fixed in 2.3??
Free Mac Support

Ordinary Wisdom

apache server with php sshexec turned on
xoops version 2.0.18.1 & 2.3.1
php version 5.2.5
mysql version 5.0.45
« 1 (2)

Login

Register now!  |  Lost Password?

Search

Advanced Search

Recent Posts

Who's Online

186 user(s) are online (142 user(s) are browsing Support Forums)

Members: 0

Guests: 186

more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: May 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits