CVE-2007-3215

N/A Unknown

Published: June 14, 2007 Modified: April 23, 2026

Description

PHPMailer 1.7, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://larholm.com/2007/06/11/phpmailer-0day-remote-execution/

Source: cve@mitre.org

http://osvdb.org/37206

Source: cve@mitre.org

http://osvdb.org/76139

Source: cve@mitre.org

http://seclists.org/fulldisclosure/2011/Oct/223

Source: cve@mitre.org

http://secunia.com/advisories/25626

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/25755

Source: cve@mitre.org

http://secunia.com/advisories/25758

Source: cve@mitre.org

http://securityreason.com/securityalert/2802

Source: cve@mitre.org

http://sourceforge.net/project/shownotes.php?release_id=517428&group_id=157374

Source: cve@mitre.org

http://www.debian.org/security/2007/dsa-1315

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/471065/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/24417

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/2161

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/2267

Source: cve@mitre.org

http://yehg.net/lab/pr0js/advisories/%5BvTiger_5.2.1%5D_rce

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/34818

Source: cve@mitre.org

https://sourceforge.net/tracker/index.php?func=detail&aid=1734811&group_id=26031&atid=385707

Source: cve@mitre.org

http://larholm.com/2007/06/11/phpmailer-0day-remote-execution/