|
|
 |
Sonicwall Signatures
Go to All Categories list.
| | PHPMailer mailSend Function Command Injection |
Category: WEB-ATTACKS
| The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property. |
|
|
|
