CVE-2005-3556

🗓️ 16 Nov 2005 07:37:00Reported by mitreType

cve

cve🔗 web.nvd.nist.gov👁 43 Views🌐 WEB

Multiple XSS vulnerabilities in PHPlist 2.10.1 and earlie

Reporter	Title	Published	Views	Family All 4
Tenable Nessus	PHPList < 2.10.3 Multiple Vulnerabilities	8 Nov 200500:00	–	nessus
Cvelist	CVE-2005-3556	16 Nov 200507:37	–	cvelist
EUVD	EUVD-2005-3555	7 Oct 202500:30	–	euvd
NVD	CVE-2005-3556	16 Nov 200507:42	–	nvd

NVD

Node

tincan phplistRange≤2.10.1

Source	Link
osvdb	www.osvdb.org/20575
osvdb	www.osvdb.org/20570
osvdb	www.osvdb.org/20571
trapkit	www.trapkit.de/advisories/TKADV2005-11-001.txt
osvdb	www.osvdb.org/20574
securityfocus	www.securityfocus.com/bid/15350
secunia	www.secunia.com/advisories/17476
securityfocus	www.securityfocus.com/archive/1/416005/30/0/threaded
osvdb	www.osvdb.org/20572
osvdb	www.osvdb.org/20576

Parameter	Position	Path	Description	CWE
listname	query param	admin/editlist.php	XSS vulnerability via listname parameter.	CWE-79
title	query param	admin/spageedit.php	XSS vulnerability via title parameter.	CWE-79
title	query param	admin/template.php	XSS vulnerability via title parameter in template editing.	CWE-79
filter	query param	admin/eventlog.php	XSS vulnerability via filter, delete, and start parameters.	CWE-79
delete	query param	admin/eventlog.php	XSS vulnerability via filter, delete, and start parameters.	CWE-79
start	query param	admin/eventlog.php	XSS vulnerability via filter, delete, and start parameters.	CWE-79
id	query param	admin/configure.php	XSS vulnerability via id parameter.	CWE-79
find	query param	admin/users.php	XSS vulnerability via find parameter.	CWE-79
start	query param	admin/admin.php	XSS vulnerability via start parameter.	CWE-79
action	query param	admin/fckphplist.php	XSS vulnerability via action parameter.	CWE-79

16 Apr 2026 00:27Current

6Medium risk

Vulners AI Score6

CVSS 24.3

EPSS0.05218

cve-2005-3556 cross-site scripting xss phplist security vulnerabilities remote attack