From 090ac2fea07da2c4a380329fafa6c4a5f15f5e2f Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Fri, 23 Nov 2007 03:48:07 +0100 Subject: [PATCH] fix vulnerability in PHPMailer --- phpmailer/class.phpmailer.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/phpmailer/class.phpmailer.php b/phpmailer/class.phpmailer.php index 5eb7ac05..061a16f4 100644 --- a/phpmailer/class.phpmailer.php +++ b/phpmailer/class.phpmailer.php @@ -390,9 +390,11 @@ class PHPMailer */ function SendmailSend($header, $body) { if ($this->Sender != "") - $sendmail = sprintf("%s -oi -f %s -t", $this->Sendmail, $this->Sender); + $sendmail = sprintf("%s -oi -f %s -t", + escapeshellcmd($this->Sendmail), escapeshellarg($this->Sender)); else - $sendmail = sprintf("%s -oi -t", $this->Sendmail); + $sendmail = sprintf("%s -oi -t", + escapeshellcmd($this->Sendmail)); if(!@$mail = popen($sendmail, "w")) { @@ -1496,4 +1498,4 @@ class PHPMailer } } -?> \ No newline at end of file +?> -- 2.39.5