CVE-2005-3555

2005-11-1607:37:00

mitre

www.cve.org

AI Score

8.3

Confidence

Low

EPSS

0.004

Percentile

72.3%

JSON

Multiple SQL injection vulnerabilities in PHPlist 2.10.1 and earlier allow authenticated remote attackers with administrator privileges to execute arbitrary SQL commands via the id parameter in the (1) editattributes or (2) admin page.

References

osvdb.org/20567

osvdb.org/20568

secunia.com/advisories/17476

www.securityfocus.com/archive/1/416005/30/0/threaded

www.securityfocus.com/bid/15350

www.trapkit.de/advisories/TKADV2005-11-001.txt

www.vupen.com/english/advisories/2005/2345