Re: (PHP) mb_send_mail security bypass
Mar 01 2006 03:14PM
Yasuo Ohgaki (yohgaki ohgaki net)
You should check mail() also...
mail() has exactly the same issue, since both mail() and mb_send_mail() apply
php_escape_shell_cmd() to the 5th parameter.
Since the PoC is feeding usual options to the sendmail command, php_escape_shell_cmd()
is useless for this kind of code.
DO NOT TRUST safe...
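An added example, not part of the original post: a defensive wrapper for the 5th parameter of mail() / mb_send_mail(). It compares escapeshellcmd() (the userland function backed by php_escape_shell_cmd()) on a string of ordinary options with an allowlist that permits only one validated `-f` envelope sender. `build_envelope_param()` and all sample inputs are hypothetical and constructed for illustration.

```php
<?php
// Added example: restrict the 5th parameter of mail() to a single -f option.
// build_envelope_param() is a hypothetical helper, not a PHP built-in.

function build_envelope_param(string $sender): string
{
    // Whitespace or control characters could split the value into extra arguments.
    if (preg_match('/[\s\x00-\x1f\x7f]/', $sender)) {
        throw new InvalidArgumentException('whitespace or control character');
    }
    // An empty value or a leading dash would read as another option.
    if ($sender === '' || $sender[0] === '-') {
        throw new InvalidArgumentException('empty value or leading dash');
    }
    // FILTER_VALIDATE_EMAIL still permits shell-significant characters in the
    // local part, so a conservative character allowlist is applied on top of it.
    if (filter_var($sender, FILTER_VALIDATE_EMAIL) === false
        || !preg_match('/^[A-Za-z0-9._+-]+@[A-Za-z0-9.-]+$/', $sender)) {
        throw new InvalidArgumentException('not an acceptable address');
    }
    // The caller never supplies option text, only the address.
    return '-f' . $sender;
}

// Constructed sample: metacharacter escaping does not change ordinary options.
$options = '-f sender@example.org -v';
printf("escapeshellcmd() left the options unchanged: %s\n",
    var_export(escapeshellcmd($options) === $options, true));

// Constructed candidate values for the envelope sender.
$candidates = [
    'sender@example.org',
    'sender@example.org -v',
    '-v@example.org',
    'a`b@example.org',
];
foreach ($candidates as $candidate) {
    try {
        printf("accepted: %s\n", build_envelope_param($candidate));
    } catch (InvalidArgumentException $e) {
        printf("rejected: %s (%s)\n", var_export($candidate, true), $e->getMessage());
    }
}
```

The returned string is meant to be passed as the 5th argument only when the application needs an envelope sender; user input should otherwise never reach that parameter.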
Copyright 2010, SecurityFocus