valvin
/
ttrss
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix vulnerability in PHPMailer

This commit is contained in:
Andrew Dolgov 2007-11-23 03:48:07 +01:00
parent 11063ec65c
commit 090ac2fea0
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
phpmailer/class.phpmailer.php
View File

@ -390,9 +390,11 @@ class PHPMailer
*/
function SendmailSend($header, $body) {
if ($this->Sender != "")
$sendmail = sprintf("%s -oi -f %s -t", $this->Sendmail, $this->Sender);
$sendmail = sprintf("%s -oi -f %s -t",
escapeshellcmd($this->Sendmail), escapeshellarg($this->Sender));
else
$sendmail = sprintf("%s -oi -t", $this->Sendmail);
$sendmail = sprintf("%s -oi -t",
escapeshellcmd($this->Sendmail));
if(!@$mail = popen($sendmail, "w"))
{
@ -1496,4 +1498,4 @@ class PHPMailer
}
}
?>
?>