← Back

Zetacomponents

zetacomponents

2 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Mail
mail
1 CVE
Mvctools
mvctools
1 CVE

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-24108
1Zetacomponents
1Mvctools
Dec 5, 2025
Feb 22, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
MvcTools 6d48cd6830fc1df1d8c9d61caa1805fd6a1b7737 was discovered to contain a code execution backdoor via the request package (requirements.txt). This vulnerability allows attackers to access sensitive user information a...Show more
MvcTools 6d48cd6830fc1df1d8c9d61caa1805fd6a1b7737 was discovered to contain a code execution backdoor via the request package (requirements.txt). This vulnerability allows attackers to access sensitive user information and execute arbitrary code.Show less
CVE-2017-15806
1Zetacomponents
1Mail
May 13, 2026
Nov 15, 2017
N/A· v4
8.1 HIGH· v3
6.8 MEDIUM· v2
The send function in the ezcMailMtaTransport class in Zeta Components Mail before 1.8.2 does not properly restrict the set of characters used in the ezcMail returnPath property, which might allow remote attackers to exec...Show more
The send function in the ezcMailMtaTransport class in Zeta Components Mail before 1.8.2 does not properly restrict the set of characters used in the ezcMail returnPath property, which might allow remote attackers to execute arbitrary code via a crafted email address, as demonstrated by one containing "-X/path/to/wwwroot/file.php."Show less