Support > cpg1.5 email
PHPMailer security issue
(1/1)
jsalmeron:
On 25.12.2016 a security issue (CVE-2016-10033) was found in the PHPMailer component for versions lower than 5.20. It seems you are using a lower version of PHPMailer in https://github.com/coppermine-gallery/cpg1.6.x/blob/develop/include/mailer.inc.php, could you confirm if the application is vulnerable?
More info: https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html
ron4mac:
It is possible that the application could be vulnerable to this issue if the site owner has certain options set. The possible vulnerability will be addressed as soon as possible.
Navigation
[0] Message Index
Go to full version