Every CVE whose affected-product data names Phpmailer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2007-3215 — CVSS 6.8 (medium): PHPMailer 1.7, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the…
CVE-2005-1807 — CVSS 5.0 (medium): The Data function in class.smtp.php in PHPMailer 1.7.2 and earlier allows remote attackers to cause a denial of service (infinite loop…