CVE advisoryKnown Exploit
CVE-2016-10033
PHPMailer Command Injection Vulnerability.
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A vulnerability in the PHPMailer library allows remote attackers to execute arbitrary code on affected systems by sending specially crafted input via email functions. Organizations using affected versions of PHPMailer, or applications like WordPress and Joomla that embed it, face business risk including data compromise