4 matches found
CVE-2008-5887
phplist before 2.10.8 allows remote attackers to include files via unknown vectors, related to a "local file include vulnerability."...
Immunity Canvas: PHPLIST_LFI
Name| phplistlfi ---|--- CVE| CVE-2008-5887 Exploit Pack| CANVAS Description| PHPList = 2.10.7 Local File Include Notes| CVE Name: CVE-2008-5887 VENDOR: PHPList Repeatability: Infinite CVE Url: https://vulners.com/cve/CVE-2008-5887 References: 'http://www.bugreport.ir/index60.htm' CVSS: 5.0...
CVE-2008-5887
Phplist
phpList cline Parameter Array Remote File Inclusion
The version of phpList installed on the remote host fails to filter user input to the 'clinec' parameter before passing it to a PHP 'include' function in 'admin/index.php'. Regardless of PHP's 'registerglobals' setting, an unauthenticated attacker can exploit this issue to view arbitrary files on...