← back
CVE-2008-5619

CVE-2008-5619

35Vexday Risk Score

No sign of exploitation. It has a public proof of concept.

ssvc Attendepss 54%
exploitation probability
54%top 1% of all CVEs
observed exploitation
nono source reports it
2 public exploit(s)
html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer before 5.2.10, RoundCube Webmail (roundcubemail) 0.2-1.alpha and 0.2-3.beta, Mahara, and AtMail Open 1.03, allows remote attackers to execute arbitrary code via crafted input that is processed by the preg_replace function with the eval switch.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.