Skip to content

Instantly share code, notes, and snippets.

@cebe cebe/
Last active Dec 28, 2016

What would you like to do?
command for finding vulnerable files and line of code for finds also really old versions, e.g. 2.0.4.
for file in $(find /var/www |grep class.phpmailer.php) ; do echo $file; grep -ni '%s["'\''], $this->Sender' $file ; done

This comment has been minimized.

Copy link
Owner Author

cebe commented Dec 27, 2016

A quick patch (in case you can not upgrade easily from an old version) will be to put escapeshellarg() around $this->Sender.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.