CVE-2016-10033 (23 PoC Exploits Available)

9.8

9.8 / 10
CRITICAL

The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.

Weakness: Improper Neutralization of Special Elements used in a Command ('Command Injection')

The software constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

Published: 2016-12-30

Community Advisory

This section is open source, for any additional information that enhances or clarifies the official advisory above.

Improve Advisory

CVE-2016-10033 Exploits (23)

opsxcq/exploit-CVE-2016-10033 ( 355)
GeneralTesler/CVE-2016-10033 ( 9)
Zenexer/safeshell ( 8)
0x00-0x00/CVE-2016-10033 ( 7)
chipironcin/CVE-2016-10033 ( 2)
awidardi/opsxcq-cve-2016-10033 ( 1)
pedro823/cve-2016-10033-45 ( 1)
40969
Bajunan/CVE-2016-10033
40974

Show all exploits (+13):

40986
41962
41996
42024
42221
qwertyuiop12138/CVE-2016-10033
40970
cved-sources/cve-2016-10033
liusec/WP-CVE-2016-10033
zi0Black/CVE-2016-010033-010045
rapid7/metasploit-framework/modules/exploits/multi/http/phpmailer_arg_injection.rb
rapid7/metasploit-framework/modules/exploits/unix/webapp/wp_phpmailer_host_header.rb
40968

Research Labs

PentesterLab

Official CVE References

View references (21)