CVSS: 9.8EPSS: 2%CPEs: 5EXPL: 0CVE-2007-3215
https://notcve.org/view.php?id=CVE-2007-3215
14 Jun 2007 — PHPMailer 1.7, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php. PHPMailer 1.7, cuando está configurado para utilizar sendmail, permite a atacantes remotos ejecutar comandos del intérprete de comandos (shell) a través de los metacaracterés del intérprete de comandos en la función SendmailSend en class.phpmailer.php. • http://larholm.com/2007/06/11/phpmailer-0day-remote-execution •
CVSS: 7.5EPSS: 15%CPEs: 1EXPL: 3CVE-2005-1807 – PHPMailer 1.7 - 'Data()' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2005-1807
28 May 2005 — The Data function in class.smtp.php in PHPMailer 1.7.2 and earlier allows remote attackers to cause a denial of service (infinite loop leading to memory and CPU consumption) via a long header field. • https://www.exploit-db.com/exploits/25752 •