Advanced search  

News:

cpg1.5.46 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter recently discovered vulnerabilities. It is important that all users who run version cpg1.5.44 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: PHPMailer security issue  (Read 610 times)

0 Members and 1 Guest are viewing this topic.

jsalmeron

  • Coppermine newbie
  • Offline Offline
  • Posts: 1
PHPMailer security issue
« on: January 05, 2017, 10:38:44 AM »

On 25.12.2016 a security issue (CVE-2016-10033) was found in the PHPMailer component for versions lower than 5.20. It seems you are using a lower version of PHPMailer in https://github.com/coppermine-gallery/cpg1.6.x/blob/develop/include/mailer.inc.php, could you confirm if the application is vulnerable?

More info: https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html
Logged

ron4mac

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: us
  • Offline Offline
  • Posts: 535
Re: PHPMailer security issue
« Reply #1 on: January 05, 2017, 02:38:08 PM »

It is possible that the application could be vulnerable to this issue if the site owner has certain options set. The possible vulnerability will be addressed as soon as possible.
Logged
Pages: [1]   Go Up
 

Page created in 0.096 seconds with 20 queries.