Skip to main content

Zend Mail

1 CVEs product

Monthly

CVE-2016-10034 PHP CRITICAL POC PATCH THREAT Act Now

The setFrom function in the Sendmail adapter in the zend-mail component before 2.4.11, 2.5.x, 2.6.x, and 2.7.x before 2.7.2, and Zend Framework before 2.4.11 might allow remote attackers to pass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 82.3%.

Command Injection RCE Zend Framework Zend Mail
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
82.3%
Threat
5.9
EPSS 82% 5.9 CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

The setFrom function in the Sendmail adapter in the zend-mail component before 2.4.11, 2.5.x, 2.6.x, and 2.7.x before 2.7.2, and Zend Framework before 2.4.11 might allow remote attackers to pass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 82.3%.

Command Injection RCE Zend Framework +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy