2 matches found
CVE-2020-35708
phpList 3.5.9 allows SQL injection by admins who provide a crafted fourth line of a file to the "Config - Import Administrators" page...
CVE-2020-35708
CVE-2020-35708 affects phpList 3.5.9. The vulnerability is a SQL injection exploitable by admins who submit a crafted fourth line of a file via the Config - Import Administrators page. Documented impact is partial data confidentiality/integrity/availability per CVSS, with base scores: CVSS2 v2.0 ...