Index: /branches/1.0/lib/vendor/phpmailer/class.phpmailer.php
===================================================================
--- /branches/1.0/lib/vendor/phpmailer/class.phpmailer.php (revision 1415)
+++ /branches/1.0/lib/vendor/phpmailer/class.phpmailer.php (revision 4380)
@@ -391,7 +391,7 @@
 function SendmailSend($header, $body) {
 if ($this->Sender != "")
- $sendmail = sprintf("%s -oi -f %s -t", $this->Sendmail, $this->Sender);
+ $sendmail = sprintf("%s -oi -f %s -t", escapeshellcmd($this->Sendmail), escapeshellarg($this->Sender));
 else
- $sendmail = sprintf("%s -oi -t", $this->Sendmail);
+ $sendmail = sprintf("%s -oi -t", escapeshellcmd($this->Sendmail));
 if(!@$mail = popen($sendmail, "w"))
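Review bot: escapeshellcmd() around `$this->Sendmail` in both branches escapes shell metacharacters but leaves whitespace alone, so the value can still expand into several arguments on the popen() command line; the new code therefore still depends on Sendmail being trusted configuration. I would say so next to the sprintf() calls, e.g. `// Sendmail is trusted config: escapeshellcmd() does not stop extra arguments`, or quote it with escapeshellarg() if a bare executable path is all that needs to be supported. escapeshellarg() on `$this->Sender` covers shell quoting only, so checking that Sender is a well-formed address before building the command would still be worthwhile. SendmailSend's body continues outside the hunk, so any validation done elsewhere is not visible here.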