4 matches found
Multiple Vulnerabilities in phpList
Advisory ID: HTB23100 Product: phpList Vendor: phpList Ltd Vulnerable Versions: 2.10.18 and probably prior Tested Version: 2.10.18 Vendor Notification: July 11, 2012 Public Disclosure: August 8, 2012 Vulnerability Type: Cross-Site Scripting CWE-79, SQL Injection CWE-89 CVE References:...
CVE-2012-3952
CVE-2012-3952 is an XSS vulnerability in phpList 2.10.18 and earlier, occurring in admin/index.php when the unconfirmed parameter is used (page=user). Exploitation can cause arbitrary HTML/script execution in an administrator’s browser. The related advisory confirms a fixed vendor patch: upgrade ...
phpList 2.10.18 Cross Site Scripting / SQL Injection Vulnerability
Exploit for php platform in category web applications Vendor: phpList Ltd Vulnerable Versions: 2.10.18 and probably prior Tested Version: 2.10.18 Vendor Notification: July 11, 2012 Public Disclosure: August 8, 2012 Vulnerability Type: Cross-Site Scripting CWE-79, SQL Injection CWE-89 CVE...
phpList 2.10.18 Cross Site Scripting / SQL Injection
Advisory ID: HTB23100 Product: phpList Vendor: phpList Ltd Vulnerable Versions: 2.10.18 and probably prior Tested Version: 2.10.18 Vendor Notification: July 11, 2012 Public Disclosure: August 8, 2012 Vulnerability Type: Cross-Site Scripting CWE-79, SQL Injection CWE-89 CVE References:...