Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 6:17 p.m.10 views

CVE-2017-20029

A vulnerability was found in PHPList 3.2.6 and classified as critical. This issue affects some unknown processing of the file /lists/index.php of the component Edit Subscription. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the...

9.8CVSS7.2AI score0.20442EPSS
Exploits1References1
NVD
NVD
added 2022/06/10 10:15 a.m.23 views

CVE-2017-20036

A vulnerability, which was classified as problematic, was found in PHPList 3.2.6. Affected is an unknown function of the file /lists/admin/ of the component Bounce Rule. The manipulation leads to cross site scripting Persistent. It is possible to launch the attack remotely. Upgrading to version...

5.4CVSS0.00569EPSS
Exploits1References2
NVD
NVD
added 2022/06/10 10:15 a.m.20 views

CVE-2017-20030

A vulnerability was found in PHPList 3.2.6. It has been classified as critical. Affected is an unknown function of the file /lists/admin/ of the component Sending Campain. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...

7.2CVSS0.00825EPSS
Exploits1References2
OSV
OSV
added 2022/06/10 10:15 a.m.5 views

CVE-2017-20029

A vulnerability was found in PHPList 3.2.6 and classified as critical. This issue affects some unknown processing of the file /lists/index.php of the component Edit Subscription. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the...

9.8CVSS5.5AI score0.20442EPSS
Exploits1References2
NVD
NVD
added 2022/06/10 10:15 a.m.17 views

CVE-2017-20031

A vulnerability was found in PHPList 3.2.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument sortby with the input password leads to information disclosure. The attack can be launched remotely. The exploit has been...

4CVSS0.00863EPSS
Exploits1References2
NVD
NVD
added 2022/06/10 10:15 a.m.20 views

CVE-2017-20035

A vulnerability, which was classified as problematic, has been found in PHPList 3.2.6. This issue affects some unknown processing of the file /lists/admin/ of the component Subscribe. The manipulation leads to cross site scripting Persistent. The attack may be initiated remotely. Upgrading to...

5.4CVSS0.00569EPSS
Exploits1References2
NVD
NVD
added 2022/06/10 10:15 a.m.15 views

CVE-2017-20033

A vulnerability classified as problematic has been found in PHPList 3.2.6. This affects an unknown part of the file /lists/admin/. The manipulation of the argument page with the input send'";alert8 leads to cross site scripting Reflected. It is possible to initiate the attack remotely. Upgrading...

6.1CVSS0.00711EPSS
Exploits1References2
Prion
Prion
added 2022/06/10 10:15 a.m.17 views

Sql injection

A vulnerability was found in PHPList 3.2.6. It has been classified as critical. Affected is an unknown function of the file /lists/admin/ of the component Sending Campain. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...

6.5CVSS7.3AI score0.00825EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/06/10 10:15 a.m.15 views

Cross site scripting

A vulnerability classified as problematic was found in PHPList 3.2.6. This vulnerability affects unknown code of the file /lists/admin/ of the component List Name. The manipulation leads to cross site scripting Persistent. The attack can be initiated remotely. Upgrading to version 3.3.1 is able t...

3.5CVSS5.4AI score0.00569EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/06/10 10:15 a.m.15 views

Cross site scripting

A vulnerability, which was classified as problematic, was found in PHPList 3.2.6. Affected is an unknown function of the file /lists/admin/ of the component Bounce Rule. The manipulation leads to cross site scripting Persistent. It is possible to launch the attack remotely. Upgrading to version...

3.5CVSS5.3AI score0.00569EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/06/10 9:30 a.m.43 views

CVE-2017-20036

PHPList 3.2.6 contains a Persistent cross-site scripting (XSS) vulnerability in the Bounce Rule component (file /lists/admin/). The issue is exploitable remotely and affects an unknown function of that file; upgrading to version 3.3.1 is stated as the fix. Several connected sources corroborate th...

5.4CVSS4.5AI score0.00569EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/06/10 9:30 a.m.25 views

CVE-2017-20035 PHPList Subscribe Persistent cross site scriting

A vulnerability, which was classified as problematic, has been found in PHPList 3.2.6. This issue affects some unknown processing of the file /lists/admin/ of the component Subscribe. The manipulation leads to cross site scripting Persistent. The attack may be initiated remotely. Upgrading to...

3.5CVSS6.4AI score0.00569EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/06/10 9:30 a.m.5 views

CVE-2017-20034 PHPList List Name Persistent cross site scriting

A vulnerability classified as problematic was found in PHPList 3.2.6. This vulnerability affects unknown code of the file /lists/admin/ of the component List Name. The manipulation leads to cross site scripting Persistent. The attack can be initiated remotely. Upgrading to version 3.3.1 is able t...

3.5CVSS5.6AI score0.00569EPSS
Exploits1References2
Exploit DB
Exploit DB
added 2017/03/20 12:0 a.m.49 views

phplist 3.2.6 - SQL Injection

Introduction Affected Product: phplist 3.2.6 Fixed in: 3.3.1 Fixed Version Link: https://sourceforge.net/projects/phplist/files/phplist/3.3.1/phplist-3.3.1.zip/download Vendor Website: https://www.phplist.org/ Vulnerability Type: SQL Injection Remote Exploitable: Yes Reported to vendor:...

7.4AI score
Exploits0
Rows per page
Query Builder