Post by gossamerLL » Wed Dec 28, 2016 12:26 am

Does OC 2 use PHPMailer?
https://www.wordfence.com/blog/2016/12/ ... dium=email

If you are using PHPMailer older than 5.2.18 in your own PHP applications, themes or plugins, please upgrade to PHPMailer 5.2.18 or newer immediately.

If you are a WordPress theme or plugin developer and have included your own copy of PHPMailer in your plugin or theme code, you need to update to PHPMailer 5.2.18 or newer immediately and release a fix to your customers.

I know this announcement is related to WordPress, but I was thinking that PHPMailer is probably used in OC as well?

Newbie

Posts

Joined
Thu Jul 25, 2013 4:13 am

Post by thekrotek » Wed Dec 28, 2016 4:12 am

As far as I'm concerned, OC 2 uses its own Mail class. It's in system/library folder.

Professional OpenCart extensions, support and custom work.
Contact me via email support@thekrotek.com


User avatar
Newbie

Posts

Joined
Sun Jul 03, 2016 12:24 am


Post by Johnathan » Wed Dec 28, 2016 11:56 am

No, OpenCart does not use PhpMailer. This vulnerability does not affect it.

Image
Image Image Image Image Image Image


User avatar
Global Moderator

Posts

Joined
Fri Dec 18, 2009 3:08 am


Post by OSWorX » Wed Dec 28, 2016 6:44 pm

Johnathan wrote:No, OpenCart does not use PhpMailer. This vulnerability does not affect it.
While OpenCart native does not use phpMailer, I know some who do.
And there are some extensions offering phpMailer:
https://www.opencart.com/index.php?rout ... ch=phpmail

And ALL of them are using the old unsecure code!
Therefore these extensions should be disabled!

Image


User avatar
Newbie

Posts

Joined
Mon Jan 11, 2010 10:52 pm
Location - Austria

Post by Johnathan » Wed Dec 28, 2016 11:22 pm

Good point -- I'd do it, but Daniel removed extension moderators with the new site upgrade, and I'm not sure if he's planning on re-instating them. You should contact the OpenCart team about it, and ask them to disable those extensions, or at least post a comment on them warning people of the vulnerability.

Image
Image Image Image Image Image Image


User avatar
Global Moderator

Posts

Joined
Fri Dec 18, 2009 3:08 am


Post by gossamerLL » Thu Dec 29, 2016 12:45 am

Thanks for the answers! Glad it's not a worry.

Newbie

Posts

Joined
Thu Jul 25, 2013 4:13 am
Who is online

Users browsing this forum: No registered users and 10 guests