VYPR

Mail

by Pear

CVEs (2)

  • CVE-2009-4111Nov 29, 2009
    risk 0.00cvss epss 0.02

    Argument injection vulnerability in Mail/sendmail.php in the Mail package 1.1.14, 1.2.0b2, and possibly other versions for PEAR allows remote attackers to read and write arbitrary files via a crafted $recipients parameter, and possibly other parameters, a different vulnerability…

  • CVE-2009-4023Nov 29, 2009
    risk 0.00cvss epss 0.02

    Argument injection vulnerability in the sendmail implementation of the Mail::Send method (Mail/sendmail.php) in the Mail package 1.1.14 for PEAR allows remote attackers to read and write arbitrary files via a crafted $from parameter, a different vector than CVE-2009-4111.