Security: vulnerability in phpmailer
Posted by: phpppOn 2007/6/14 12:37:52 12955 readsA vulnerability is reported in PHPMailer, which can be exploited by malicious people to compromise a vulnerable system if Sendmail method is enabled.
Although the issue is not critical in XOOPS environment, we would suggest to switch to other methods than Sendmail, or to download quick fixes:
fix for XOOPS 2.0*
fix for XOOPS 2.2*
Note: official response and solutions are still being waited from phpmailer development group, and will be released in XOOPS 2.017 and XOOPS 2.25
Thank GIJOE, irmtfan, vaughan etc for reporting and solutions.