KEV Entry
CVE-2016-10033
Known Exploited Vulnerability Entry External Catalog
Entry Details
Confirmed Exploited2026-06-01 10:36 UTC
Timestamps
2026-06-01
2026-06-01
Scope
KEVIntel entry: The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command... | Affected: PHPMailer / PHPMailer | CVSS: 9.8 (CRITICAL) | EPSS: 0.99714 | Used in malware: unknown | Not yet in CISA KEV: False
References
- {'id': 'CVE-2016-10033', 'url': 'https://www.cve.org/CVERecord?id=CVE-2016-10033'}
- {'id': 'kevintel', 'url': 'https://kevintel.com/vuln/CVE-2016-10033'}
9ac14db2-918c-429b-8dbc-0ff48249d1a6
caeb2787-0d58-4236-9039-7c86c3e566f3
2026-06-23 14:03 UTC
2026-06-23 14:03 UTC
Evidence
1| Type | Source | Signal | Confidence | Details | GCVE Metadata |
|---|---|---|---|---|---|
| public_report | kevintel | successful_exploitation | 0.70 |
View details
|
- |