Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpmailer phpmailer vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2010-4914
PHP remote file inclusion vulnerability in tools/phpmailer/class.phpmailer.php in PHP Classifieds 7.3 allows remote malicious users to execute arbitrary PHP code via a URL in the lang_path parameter.
Deltascripts Php Classifieds 7.3
1 EDB exploit
5
CVSSv2
CVE-2011-3747
Joomla! 1.6.0 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by libraries/phpmailer/language/phpmailer.lang-joomla.php.
Joomla Joomla\\! 1.6.0
4
CVSSv2
CVE-2012-0796
class.phpmailer.php in the PHPMailer library, as used in Moodle 1.9.x prior to 1.9.16, 2.0.x prior to 2.0.7, 2.1.x prior to 2.1.4, and 2.2.x prior to 2.2.1 and other products, allows remote authenticated users to inject arbitrary e-mail headers via vectors involving a crafted (1)...
Moodle Moodle 1.9.4
Moodle Moodle 1.9.1
Moodle Moodle 1.9.6
Moodle Moodle 1.9.9
Moodle Moodle 1.9.11
Moodle Moodle 1.9.2
Moodle Moodle 1.9.12
Moodle Moodle 1.9.10
Moodle Moodle 1.9.3
Moodle Moodle 1.9.13
Moodle Moodle 1.9.5
Moodle Moodle 1.9.14
Moodle Moodle 1.9.15
Moodle Moodle 1.9.8
Moodle Moodle 1.9.7
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.6
Moodle Moodle 2.0.5
Moodle Moodle 2.0.0
7.5
CVSSv2
CVE-2007-2021
Multiple PHP remote file inclusion vulnerabilities in Pineapple Technologies Lore 1 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) lang_path parameter to third_party/phpmailer/class.phpmailer.php or the (2) get_plugin_file_path parameter to third_...
Pineapple Technologies Lore 1.0
7.5
CVSSv2
CVE-2006-5734
Multiple PHP remote file inclusion vulnerabilities in ATutor 1.5.3.2 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) section parameter in (a) documentation/common/frame_toc.php and (b) documentation/common/search.php, the (2) req_lang parameter in ...
Adaptive Technology Resource Centre Atutor 1.5.3.2
10
CVSSv2
CVE-2008-5619
html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer prior to 5.2.10, RoundCube Webmail (roundcubemail) 0.2-1.alpha and 0.2-3.beta, Mahara, and AtMail Open 1.03, allows remote malicious users to execute arbitrary code via crafted input that is processed by the ...
Roundcube Webmail 0.2.1
Roundcube Webmail 0.2.3
2 EDB exploits
5
CVSSv2
CVE-2009-0501
Unspecified vulnerability in the Calendar export feature in Moodle 1.8 prior to 1.8.8 and 1.9 prior to 1.9.4 allows malicious users to obtain sensitive information and conduct "brute force attacks on user accounts" via unknown vectors.
Moodle Moodle 1.8.6
Moodle Moodle 1.8.5
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
Moodle Moodle 1.8.1
Moodle Moodle 1.8.2
Moodle Moodle 1.8.7
Moodle Moodle 1.9.3
Moodle Moodle 1.8.3
Moodle Moodle 1.8.4
6.4
CVSSv2
CVE-2009-0499
Cross-site request forgery (CSRF) vulnerability in the forum code in Moodle 1.7 prior to 1.7.7, 1.8 prior to 1.8.8, and 1.9 prior to 1.9.4 allows remote malicious users to delete unauthorized forum posts via a link or IMG tag to post.php.
Moodle Moodle 1.7.5
Moodle Moodle 1.7.6
Moodle Moodle 1.8.5
Moodle Moodle 1.9.2
Moodle Moodle 1.9.1
Moodle Moodle 1.7.3
Moodle Moodle 1.7.4
Moodle Moodle 1.8.4
Moodle Moodle 1.8.6
Moodle Moodle 1.7.1
Moodle Moodle 1.7.2
Moodle Moodle 1.8.2
Moodle Moodle 1.8.3
Moodle Moodle 1.9.3
Moodle Moodle 1.8.1
Moodle Moodle 1.8.7
4.3
CVSSv2
CVE-2009-0500
Cross-site scripting (XSS) vulnerability in course/lib.php in Moodle 1.6 prior to 1.6.9, 1.7 prior to 1.7.7, 1.8 prior to 1.8.8, and 1.9 prior to 1.9.4 allows remote malicious users to inject arbitrary web script or HTML via crafted log table information that is not properly hand...
Moodle Moodle 1.7.1
Moodle Moodle 1.7.2
Moodle Moodle 1.8.2
Moodle Moodle 1.8.3
Moodle Moodle 1.8.7
Moodle Moodle 1.9.3
Moodle Moodle 1.6.6
Moodle Moodle 1.6.8
Moodle Moodle 1.7.3
Moodle Moodle 1.7.4
Moodle Moodle 1.8.4
Moodle Moodle 1.8.6
Moodle Moodle 1.6.7
Moodle Moodle 1.6.3
Moodle Moodle 1.6.5
Moodle Moodle 1.7.5
Moodle Moodle 1.7.6
Moodle Moodle 1.8.5
Moodle Moodle 1.9.2
Moodle Moodle 1.6.0
Moodle Moodle 1.6.4
Moodle Moodle 1.8.1
4.3
CVSSv2
CVE-2009-0502
Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php in Snoopy 1.2.3, as used in Moodle 1.6 prior to 1.6.9, 1.7 prior to 1.7.7, 1.8 prior to 1.8.8, and 1.9 prior to 1.9.4, allows remote malicious users to inject arbitrary web script or HTML via an HTML block, wh...
Snoopy Snoopy 1.2.3
Moodle Moodle 1.7.4
Moodle Moodle 1.7.5
Moodle Moodle 1.8.5
Moodle Moodle 1.9.2
Moodle Moodle 1.7.0
Moodle Moodle 1.7.1
Moodle Moodle 1.8.2
Moodle Moodle 1.8.3
Moodle Moodle 1.8.7
Moodle Moodle 1.9.3
Moodle Moodle 1.7.2
Moodle Moodle 1.7.3
Moodle Moodle 1.8.4
Moodle Moodle 1.8.6
Moodle Moodle 1.7.6
Moodle Moodle 1.8.1
Moodle Moodle 1.9.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »