PHPList SQL Injection (CVE-2017-20029; CVE-2017-20032)

An SQL injection vulnerability exists in PHPList. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVE-2017-20029

A vulnerability was found in PHPList 3.2.6 and classified as critical. This issue affects some unknown processing of the file /lists/index.php of the component Edit Subscription. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the...

CVE-2017-20029

CVE-2017-20029 affects PHPList 3.2.6, specifically a SQL injection vulnerability in the Edit Subscription flow (processing of /lists/index.php). The issue allows remote exploitation and has been publicly disclosed. The root cause is an improper handling of input in that component, enabling arbitr...

CVE-2017-20029 PHPList Edit Subscription index.php sql injection

A vulnerability was found in PHPList 3.2.6 and classified as critical. This issue affects some unknown processing of the file /lists/index.php of the component Edit Subscription. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the...

CVE-2017-20029 PHPList Edit Subscription index.php sql injection

A vulnerability was found in PHPList 3.2.6 and classified as critical. This issue affects some unknown processing of the file /lists/index.php of the component Edit Subscription. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the...