4 matches found
Multiple Vulnerabilities in phpList
Advisory ID: HTB23100 Product: phpList Vendor: phpList Ltd Vulnerable Versions: 2.10.18 and probably prior Tested Version: 2.10.18 Vendor Notification: July 11, 2012 Public Disclosure: August 8, 2012 Vulnerability Type: Cross-Site Scripting CWE-79, SQL Injection CWE-89 CVE References:...
CVE-2012-3953
The CVE-2012-3953 entry concerns phpList prior to version 2.10.19. A SQL Injection vulnerability exists in admin/index.php via the delete parameter on the editattributes page, allowing an attacker with administrative privileges to manipulate SQL queries and potentially exfiltrate data or affect d...
phpList 2.10.18 Cross Site Scripting / SQL Injection Vulnerability
Exploit for php platform in category web applications Vendor: phpList Ltd Vulnerable Versions: 2.10.18 and probably prior Tested Version: 2.10.18 Vendor Notification: July 11, 2012 Public Disclosure: August 8, 2012 Vulnerability Type: Cross-Site Scripting CWE-79, SQL Injection CWE-89 CVE...
phpList 2.10.18 Cross Site Scripting / SQL Injection
Advisory ID: HTB23100 Product: phpList Vendor: phpList Ltd Vulnerable Versions: 2.10.18 and probably prior Tested Version: 2.10.18 Vendor Notification: July 11, 2012 Public Disclosure: August 8, 2012 Vulnerability Type: Cross-Site Scripting CWE-79, SQL Injection CWE-89 CVE References:...