PHPList 2.10.9 'Sajax.php' PHP代码注入漏洞

phplist是一个开源的newsletter管理软件，用PHP开发。 PHPList 'Sajax.php'不正确处理用户提交的数据，远程攻击者可以利用漏洞提交恶意代码，并以WEB权限执行。 0 PHPList 2.10.9 厂商解决方案 phplist ----- 目前没有详细解决方案提供： http://www.phplist.com/ --------------------------------------- This PoC was written for educational purpose. Use it at your own risk. Author will b...

phpList 2.10.9 - Sajax.php PHP Code Injection

phpList 2.10.9 - Sajax.php PHP Code Injection source: https://www.securityfocus.com/bid/53693/info PHPList is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to inject and execute arbitrary PHP code in the context of the affected application. This may...

phpList 2.10.9 - 'Sajax.php' PHP Code Injection

source: https://www.securityfocus.com/bid/53693/info PHPList is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to inject and execute arbitrary PHP code in the context of the affected application. This may facilitate a compromise of the application and the...

PHP List 2.10.9 PHP Code Injection

--------------------------------------- Author : L3b-r1'z Title : Php List 2.10.9 Remote PHP Code Injection Date : 5/25/2012 Email : [email protected] Site : Sec4Ever.com & Exploit4arab.com --------------------------------------- This PoC was written for educational purpose. Use it at your own ris...