Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-23926

Malware in sbrugna...

5.4CVSS5.4AI score0.00522EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 4:39 p.m.12 views

CVE-2020-36399

A stored cross site scripting XSS vulnerability in phplist 3.5.4 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the "rule1" parameter under the "Bounce Rules" module...

5.4CVSS5.5AI score0.00509EPSS
Exploits1
OSV
OSV
added 2024/03/06 11:3 a.m.10 views

BIT-PHPLIST-2020-23190

A stored cross site scripting XSS vulnerability in the "Import emails" module in phplist 3.5.4 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.4CVSS5.5AI score0.00512EPSS
Exploits1References1
NVD
NVD
added 2021/07/02 6:15 p.m.17 views

CVE-2020-23190

A stored cross site scripting XSS vulnerability in the "Import emails" module in phplist 3.5.4 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.4CVSS0.00512EPSS
Exploits1References1
OSV
OSV
added 2021/07/02 6:15 p.m.27 views

CVE-2020-23190

A stored cross site scripting XSS vulnerability in the "Import emails" module in phplist 3.5.4 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.4CVSS5.4AI score
Exploits0References1
CVE
CVE
added 2021/07/02 5:51 p.m.60 views

CVE-2020-36399

CVE-2020-36399 describes a stored cross-site scripting (XSS) vulnerability in phplist versions 3.5.4 and earlier, exploitable via a crafted payload in the “rule1” parameter under the “Bounce Rules” module. All connected sources corroborate that the issue is a client-side scripting vulnerability t...

5.4CVSS5.6AI score0.00509EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/07/02 5:51 p.m.62 views

CVE-2020-23194

CVE-2020-23194 is a stored XSS vulnerability in the phplist "Import Subscribers" feature, affecting phplist 3.5.4 and earlier. The root cause is an injectable payload that allows an authenticated attacker to execute arbitrary web scripts or HTML. The per-document details indicate exploitation via...

5.4CVSS5.5AI score0.00512EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/07/02 5:51 p.m.58 views

CVE-2020-23190

Phplist 3.5.4 is affected by a stored XSS in the Import emails module. An authenticated attacker can execute arbitrary web scripts or HTML via a crafted payload. Exploitation status is not detailed in the provided sources. Remediation guidance present in PT-2021-10853 recommends disabling the Imp...

5.4CVSS5.5AI score0.00512EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/07/02 12:0 a.m.4 views

phplist 跨站脚本漏洞

PhpList is a suite of open source newsletter and email marketing software from PhpList UK. A cross-site scripting vulnerability exists in the Import Email module in phplist 3.5.4, which can be exploited by an authenticated attacker to execute arbitrary Web script or HTML via a crafted payload...

5.4CVSS5.6AI score0.00512EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2021/07/02 12:0 a.m.4 views

PT-2021-12041 · Phplist · Phplist

Name of the Vulnerable Software and Affected Versions: phplist versions 3.5.4 and below Description: A stored cross site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the rule1 parameter under the "Bounce Rules" module. Recommendations: For...

5.4CVSS5.4AI score0.00509EPSS
Exploits1References5
Cvelist
Cvelist
added 2020/07/08 7:24 p.m.26 views

CVE-2020-15072

An issue was discovered in phpList through 3.5.4. An error-based SQL Injection vulnerability exists via the Import Administrators section...

9.1AI score0.01199EPSS
Exploits2References3
Rows per page
Query Builder