CVE-2006-5734

Description

### Impact Arbitrary local file inclusion via the `$lang` property, remotely exploitable if host application passes unfiltered user data into that property. The 3 CVEs listed are applications that used PHPMailer that were vulnerable to this problem. ### Patches It's not known exactly when this was fixed in the host applications, but it was fixed in PHPMailer 5.2.0. ### Workarounds Filter and validate user-supplied data before use. ### References https://nvd.nist.gov/vuln/detail/CVE-2006-5734 https://nvd.nist.gov/vuln/detail/CVE-2007-3215 https://nvd.nist.gov/vuln/detail/CVE-2007-2021 Example exploit: https://www.exploit-db.com/exploits/14893 ### For more information If you have any questions or comments about this advisory: * Open a private issue in [the PHPMailer project](https://github.com/PHPMailer/PHPMailer)

How to fix CVE-2006-5734

To remediate CVE-2006-5734, upgrade the affected package to a fixed version below.

• —upgrade to 5.2.0 or later

Is CVE-2006-5734 being exploited?

Low — EPSS is 0.7%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 5.2.0

References (2)

• PATCHgithub.com/PHPMailer/PHPMailer
• WEBgithub.com/PHPMailer/PHPMailer/security/advisories/GHSA-8jc3-5p29-qgjx