Christmas failure in PHPMailer versions

Christmas failure in PHPMailer versions

PHPMailer presents a remote code vulnerability in its execution. It is one of the most popular open source PHP libraries to send emails, and it is used by more than 9 millions of users worldwide, that’s why it has become a big failure.

The name PHPMailer is not often sounded but it is often used. Some of the most popular websites and open source web applications like WordPress, Drupal, 1CRM, Joomla and SugarCRM, use PHPMailer to send emails.

Dawid Golunski of Legal Hacker has discovered the critical PHPMailer vulnerability, the one that allows an attacker to compromise the web application by the remotely execution of arbitrary code in the context of the web server user.

Golunski has patched the vulnerability by making PHPMailer 5.2.18. Shortly after this, the version 5.2.19 has appear with a few fixed bugs.

The before created versions of PHPMailer are all affected, so we strongly advise developers and administrators to update the patched release, PHPMailer 5.2.18 or 5.2.19, the newest releases.

“If you’re having problems while this new execution, come with ClickIT, and our expert team will help you at all during the process. Contact Us Now!”


to our newsletter

Table of Contents

We Make DevOps Easier

Weekly DevOps Newsletter

Subscribe to our DevOps News

Subscribe to a monthly newsletter to receive the IT best practices, startup-related insights & emerging technologies.

Join hundreds of business leaders and entrepreneurs, who are part of our growing tech community.

We guarantee 100% privacy. Your information will not be shared.