phpmailer -- Remote Code Execution
Legal Hackers reports:
An independent research uncovered a critical vulnerability in
PHPMailer that could potentially be used by (unauthenticated)
remote attackers to achieve remote arbitrary code execution in
the context of the web server user and remotely compromise the
target web application.
To exploit the vulnerability an attacker could target common
website components such as contact/feedback forms, registration
forms, password email resets and others that send out emails with
the help of a vulnerable version of the PHPMailer class.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright