### [CVE-2016-10045](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10045) ![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) ![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) ![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-10033.

### POC

#### Reference

- http://packetstormsecurity.com/files/140286/PHPMailer-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/140350/PHPMailer-Sendmail-Argument-Injection.html
- http://seclists.org/fulldisclosure/2016/Dec/81
- https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10045-Vuln-Patch-Bypass.html
- https://www.exploit-db.com/exploits/40969/
- https://www.exploit-db.com/exploits/40986/
- https://www.exploit-db.com/exploits/42221/

#### Github

- https://github.com/777sot/PHPMailer
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Brens498/AulaMvc
- https://github.com/Dharini432/Leafnow
- https://github.com/Gessiweb/Could-not-access-file-var-tmp-file.tar.gz
- https://github.com/Hehhchen/eCommerce
- https://github.com/Jack-LaL/idk
- https://github.com/JesusAyalaEspinoza/p
- https://github.com/KNIGHTTH0R/PHPMail
- https://github.com/Kalyan457/Portfolio
- https://github.com/Keshav9863/MFA_SIGN_IN_PAGE
- https://github.com/Lu183/phpmail
- https://github.com/MIrfanShahid/PHPMailer
- https://github.com/MarcioPeters/PHP
- https://github.com/MartinDala/Envio-Simples-de-Email-com-PHPMailer-
- https://github.com/Mona-Mishra/User-Registration-System
- https://github.com/Mugdho55/Air_Ticket_Management_System
- https://github.com/NikhilReddyPuli/thenikhilreddy.github.io
- https://github.com/PatelMisha/Online-Flight-Booking-Management-System
- https://github.com/Preeti1502kashyap/loginpage
- https://github.com/Rachna-2018/email
- https://github.com/RakhithJK/Synchro-PHPMailer
- https://github.com/Ramkiskhan/sample
- https://github.com/Razzle23/mail-3
- https://github.com/RichardStwart/PHP
- https://github.com/Rivaldo28/ecommerce
- https://github.com/Sakanksha07/Journey-With-Food
- https://github.com/Sakshibadoni/LetsTravel
- https://github.com/SecRet-501/PHPMailer
- https://github.com/SeffuCodeIT/phpmailer
- https://github.com/Teeeiei/phpmailer
- https://github.com/ThatsSacha/forum
- https://github.com/VenusPR/PHP
- https://github.com/Zenexer/safeshell
- https://github.com/aegunasekara/PHPMailer
- https://github.com/aegunasekaran/PHPMailer
- https://github.com/afkpaul/smtp
- https://github.com/aklmtst/PHPMailer-Remote-Code-Execution-Exploit
- https://github.com/alexandrazlatea/emails
- https://github.com/alokdas1982/phpmailer
- https://github.com/amulcse/solr-kinsing-malware
- https://github.com/anishbhut/simpletest
- https://github.com/ank0809/Responsive-login-register-page
- https://github.com/antelove19/phpmailer
- https://github.com/anushasinha24/send-mail-using-PHPMailer
- https://github.com/arbaazkhanrs/Online_food_ordering_system
- https://github.com/arislanhaikal/PHPMailer_PHP_5.3
- https://github.com/ashiqdey/PHPmailer
- https://github.com/athirakottekadnew/testingRepophp
- https://github.com/bigtunacan/phpmailer5
- https://github.com/bkrishnasowmya/OTMS-project
- https://github.com/clemerribeiro/cbdu
- https://github.com/codersstock/PhpMailer
- https://github.com/crackerica/PHPMailer2
- https://github.com/denniskinyuandege/mailer
- https://github.com/devhribeiro/cadweb_aritana
- https://github.com/dipak1997/Alumni-M
- https://github.com/dp7sv/ECOMM
- https://github.com/duhengchen1112/demo
- https://github.com/dylangerardf/dhl
- https://github.com/dylangerardf/dhl-supp
- https://github.com/eminemdordie/mailer
- https://github.com/entraned/PHPMailer
- https://github.com/faraz07-AI/fullstack-Jcomp
- https://github.com/fatfishdigital/phpmailer
- https://github.com/fatihbaba44/PeakGames
- https://github.com/fatihulucay/PeakGames
- https://github.com/frank850219/PHPMailerAutoSendingWithCSV
- https://github.com/gaguser/phpmailer
- https://github.com/geet56/geet22
- https://github.com/generalbao/phpmailer6
- https://github.com/gnikita01/hackedemistwebsite
- https://github.com/grayVTouch/phpmailer
- https://github.com/gzy403999903/PHPMailer
- https://github.com/htrgouvea/spellbook
- https://github.com/huongbee/mailer0112
- https://github.com/huongbee/mailer0505
- https://github.com/ifindu-dk/phpmailer
- https://github.com/im-sacha-cohen/forum
- https://github.com/inusah42/ecomm
- https://github.com/ivankznru/PHPMailer
- https://github.com/izisoft/mailer
- https://github.com/izisoft/yii2-mailer
- https://github.com/j4k0m/CVE-2016-10033
- https://github.com/jaimedaw86/repositorio-DAW06_PHP
- https://github.com/jamesxiaofeng/sendmail
- https://github.com/jbperry1998/bd_calendar
- https://github.com/jeddatinsyd/PHPMailer
- https://github.com/jesusclaramontegascon/PhpMailer
- https://github.com/juhi-gupta/PHPMailer-master
- https://github.com/laddoms/faces
- https://github.com/lanlehoang67/sender
- https://github.com/lcscastro/RecursoFunctionEmail
- https://github.com/leftarmm/speexx
- https://github.com/leocifrao/site-restaurante
- https://github.com/luxiaojue/phpmail
- https://github.com/madbananaman/L-Mailer
- https://github.com/marco-comi-sonarsource/PHPMailer
- https://github.com/mayankbansal100/PHPMailer
- https://github.com/mintoua/Fantaziya_WEBSite
- https://github.com/mkrdeptcreative/PHPMailer
- https://github.com/mohamed-aymen-ellafi/web
- https://github.com/morkamimi/poop
- https://github.com/nFnK/PHPMailer
- https://github.com/natsootail/alumni
- https://github.com/nh0k016/Haki-Store
- https://github.com/nyamleeze/commit_testing
- https://github.com/pctechsupport123/php
- https://github.com/pedro823/cve-2016-10033-45
- https://github.com/pitecozz/RCE-VUL
- https://github.com/prakashshubham13/portfolio
- https://github.com/prathamrathore/portfolio.php
- https://github.com/prostogorod/PHPMailer
- https://github.com/rasisbade/allphp
- https://github.com/rohandavid/fitdanish
- https://github.com/rrathi0705/email
- https://github.com/rudresh98/e_commerce_IFood
- https://github.com/sakshibohra05/project
- https://github.com/sankar-rgb/PHPMailer
- https://github.com/sarriscal/phpmailer
- https://github.com/sarvottam1766/Project
- https://github.com/sashasimulik/integration-1
- https://github.com/sccontroltotal/phpmailer
- https://github.com/sliani/PHPMailer-File-Attachments-FTP-to-Mail
- https://github.com/supreethsk/rental
- https://github.com/sweta-web/Online-Registration-System
- https://github.com/tvirus-01/PHP_mail
- https://github.com/vaartjesd/test
- https://github.com/vatann07/BloodConnect
- https://github.com/vedavith/mailer
- https://github.com/wesandradealves/sitio_email_api_demo
- https://github.com/windypermadi/PHP-Mailer
- https://github.com/yaya4095/PHPMailer
- https://github.com/zakiaafrin/PHPMailer
- https://github.com/zhangqiyi55/phpemail