Security Boulevard

Why mail() is dangerous in PHP

During our advent of PHP application vulnerabilities, we reported a remote command execution vulnerability in the popular webmailer Roundcube (CVE-2016-9920). This vulnerability allowed a malicious ...
GitHub

Guangyang-Sunlight/php-phpmailer

Many PHP developers utilize email in their code. The only PHP function that supports this is the mail() function. However, it does not provide any assistance for making use of popular features such as ...
Simon Fraser University

[linux-security] php vulnerability

Topic ===== vulnerability in php mail function may allow execution of arbitrary code Problem Description ===== PHP is an HTML-embedded scripting language commonly used with the Apache HTTP server. The ...
Linux Journal

Validate an E-Mail Address with PHP, the Right Way

The Internet Engineering Task Force (IETF) document, RFC 3696, “Application Techniques for Checking and Transformation of Names” by John Klensin, gives several valid e-mail addresses that are rejected ...