If you have a support question or comment, click the Post New Topic link below. Sytist Manual | Sytist Articles | Facebook Page.
Malware Scanner Lists Sytist File As Vulnerability
Please log in or Create an account to post or reply to topics.
Is anyone else getting messages from server malware scanners about sy-inc/PHPmailer/class.phpmailer.php? I keep getting compromised (malware put in folders on my server) and the scanner software says this file and its backup are my only vulnerabilities.
I have not heard of anyone else with that issue. The PHPMailer version in there is 5.2.8. I searched and didn't find any vulnerabilities related to the PHPMailer version.
Is it possible that is a false positive? If you are not using PHPMailer (Settings -> Mail Sending Settings), you can delete that file.
Is it possible that is a false positive? If you are not using PHPMailer (Settings -> Mail Sending Settings), you can delete that file.
Hi Tim, and thank you. I downloaded the github version of the file, and I have a difference. Instead of public $Host = 'localhost' in this block of code, I have
/**
* SMTP hosts.
* Either a single hostname or multiple semicolon-delimited hostnames.
* You can also specify a different port
* for each host by using this format: [hostname:port]
* (e.g. "smtp1.example.com:25;smtp2.example.com").
* You can also specify encryption type, for example:
* (e.g. "tls://smtp1.example.com:587;ssl://smtp2.example.com:465").
* Hosts will be tried in order.
* @type string
*/
public $Host = 'smtp.mijnhostingpartner.nl';
I'm guessing that I should re-install all my sytist files and that will update?
/**
* SMTP hosts.
* Either a single hostname or multiple semicolon-delimited hostnames.
* You can also specify a different port
* for each host by using this format: [hostname:port]
* (e.g. "smtp1.example.com:25;smtp2.example.com").
* You can also specify encryption type, for example:
* (e.g. "tls://smtp1.example.com:587;ssl://smtp2.example.com:465").
* Hosts will be tried in order.
* @type string
*/
public $Host = 'smtp.mijnhostingpartner.nl';
I'm guessing that I should re-install all my sytist files and that will update?
Thanks Tim. It's probably some site I tried years ago as a smtp server and I just don't remember it, but I'd feel better with authentic files in place.
I believe I'm having the same problem - malware infecting my site via PHPMailer. I see that there are lots of vulnerabilities in versions earlier than 6.0.6. Can we get this updated in the next build? In the mean time, I've going to upgrade mine if possible.
https://github.com/PHPMailer/PHPMailer/blob/master/SECURITY.md
https://github.com/PHPMailer/PHPMailer/blob/master/SECURITY.md
Edited Tue Dec 11, 18 1:23 PM by David Harris
The exploits I see are for versions before 5.2.8. And for the exploits to be executed, it would need to be sent through a mail form, like a contact form.
Are you using PHPMailer to send emails? If so, have you received any suspicious emails with a strange from name?
I will look into updating the PHP mailer to 6.
Are you using PHPMailer to send emails? If so, have you received any suspicious emails with a strange from name?
I will look into updating the PHP mailer to 6.
Loading more pages