漏洞类别:CGI
漏洞等级: 
漏洞信息
A critical vulnerability exists in PHPMailer that could potentially be used by (unauthenticated) remote attackers to achieve remote arbitrary code execution in the context of the web server user and remotely compromise the target web application.
Affected Versions:- PHPMailer versions prior to 5.2.18.
漏洞危害
To exploit the vulnerability an attacker could target common website components such as contact/feedback forms, registration forms, password email resets and others that send out emails with the help of a vulnerable version of the PHPMailer class.
解决方案
Refer to PHPMailer advisory PHPMailer to address this issue and obtain more information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论