Welcome, Guest. Please login or register.
Did you miss your activation email?
May 27, 2012, 02:39:39 AM

Login with username, password and session length
Search:     Advanced search
Interested in joining the WebsiteBaker team?
For more Information read here or on our new website.
155555 Posts in 21715 Topics by 7737 Members
Latest Member: gx-world
* Home Help Search Login Register
Pages: [1]   Go Down
Print
Author Topic: PHPMailer 0day remote command execution  (Read 1165 times)
tomhung

Offline Offline

Posts: 353
« on: June 11, 2007, 07:01:55 PM »
http://larholm.com/2007/06/11/phpmailer-0day-remote-execution/

I know we include this class.  Lets check to see if WB has a problem with this issue.


G
Logged
larholm

Offline Offline

Posts: 1
« Reply #1 on: June 11, 2007, 09:45:59 PM »
I took a look at the WB 2.6.5 sources and you are specifically using either SMTP or PHP mail(), not sendmail. In addition, you're not setting the inherited Sender property inside your wbmailer class.

Therefor, you should not be affected by this vulnerability.

Cheers

Thor Larholm
http://www.larholm.com
Logged
Pages: [1]   Go Up
Print
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.16 | SMF © 2011, Simple Machines Valid XHTML 1.0! Valid CSS!
Impressum & Datenschutz | powered by WebsiteBaker. ©2004–2010 by Website Baker Org e.V. , all rights reserved | Legal Notice & Privacy Policy