PHPMailer susceptible to arbitrary code execution

CVE-2008-5619

Affected version: <5.2.10

Reported by:
GitHub

RCE affecting Windows hosts via UNC paths to translation files

CVE-2021-34551

Affected version: <6.5.0

Reported by:
GitHub, FriendsOfPHP/security-advisories

Untrusted code may be run from an overridden address validator

CVE-2021-3603

Affected version: <6.5.0

Reported by:
GitHub, FriendsOfPHP/security-advisories

Insufficient output escaping of attachment names in PHPMailer

CVE-2020-13625

Affected version: <6.1.6

Reported by:
GitHub

XSS vulnerability in code example

CVE-2017-11503

Affected version: >=5.0.0,<5.2.24

Reported by:
GitHub, FriendsOfPHP/security-advisories

Object injection

CVE-2018-19296

Affected version: >=5.0.0,<5.2.27|>=6.0.0,<6.0.6

Reported by:
GitHub, FriendsOfPHP/security-advisories

Remote Code Execution

CVE-2016-10045

Affected version: >=5.0.0,<5.2.20

Reported by:
GitHub, FriendsOfPHP/security-advisories

Remote Code Execution

CVE-2016-10033

Affected version: >=5.0.0,<5.2.18

Reported by:
GitHub, FriendsOfPHP/security-advisories

Local File Disclosure

CVE-2017-5223

Affected version: >=5.0.0,<5.2.22

Reported by:
GitHub, FriendsOfPHP/security-advisories

Multiple CRLF injection vulnerabilities

CVE-2015-8476

Affected version: >=5.0.0,<5.2.14

Reported by:
GitHub, FriendsOfPHP/security-advisories