Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

phplist phplist 2.10.1 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2006-5322
Multiple SQL injection vulnerabilities in phplist prior to 2.10.3 allow remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Tincan Phplist 2.8.12Tincan Phplist 2.9.3Tincan Phplist 2.10.1Tincan Phplist 2.9.4Tincan Phplist 2.9.5Tincan Phplist
NA
CVE-2012-2740
SQL injection vulnerability in public_html/lists/admin in phpList prior to 2.10.18 allows remote malicious users to execute arbitrary SQL commands via the sortby parameter in a find action.
Phplist Phplist 2.10.13Phplist Phplist 2.10.16Phplist Phplist 2.10.15Phplist Phplist 2.10.14Phplist Phplist 2.10.9Phplist Phplist 2.10.8Phplist Phplist 2.10.7Phplist Phplist 2.10.5Phplist Phplist 2.10.4Phplist Phplist 2.10.11Phplist Phplist 2.10.3Phplist Phplist 2.10.1Phplist Phplist 2.10.12Phplist Phplist 2.10.10Phplist Phplist 2.10.2Phplist Phplist
NA
CVE-2012-2741
Cross-site scripting (XSS) vulnerability in public_html/lists/admin/ in phpList prior to 2.10.18 allows remote malicious users to inject arbitrary web script or HTML via the num parameter in a reconcileusers action.
Phplist Phplist 2.10.12Phplist Phplist 2.10.10Phplist Phplist 2.10.2Phplist PhplistPhplist Phplist 2.10.16Phplist Phplist 2.10.15Phplist Phplist 2.10.14Phplist Phplist 2.10.13Phplist Phplist 2.10.8Phplist Phplist 2.10.7Phplist Phplist 2.10.5Phplist Phplist 2.10.4Phplist Phplist 2.10.11Phplist Phplist 2.10.9Phplist Phplist 2.10.3Phplist Phplist 2.10.1
NA
CVE-2006-5294
Cross-site scripting (XSS) vulnerability in index.php in phplist prior to 2.10.3 allows remote malicious users to inject arbitrary web script or HTML via the unsubscribeemail parameter.
Tincan Phplist 2.6.1Tincan Phplist 2.6.2Tincan Phplist 2.10.1Tincan Phplist 2.6Tincan Phplist 2.6.3Tincan Phplist 2.6.4Tincan Phplist 2.8.12Tincan Phplist
NA
CVE-2008-6178
Unrestricted file upload vulnerability in editor/filemanager/browser/default/connectors/php/connector.php in FCKeditor 2.2, as used in Falt4 CMS, Nuke ET, and other products, allows remote malicious users to execute arbitrary code by creating a file with PHP sequences preceded by...
Phplist Phplist 2.10.1Fckeditor Fckeditor 2.4.3Phplist Phplist 2.10.5Phplist Phplist 2.10.4Fckeditor Fckeditor 2.3betaFckeditor Fckeditor 2.0rc2Fckeditor Fckeditor 2.0rc3Fckeditor Fckeditor 2.2Phplist Phplist 2.10.3Phplist Phplist 2.10.2Phplist Phplist 2.10.6
NA
CVE-2012-3952
Cross-site scripting (XSS) vulnerability in admin/index.php in phpList prior to 2.10.19 allows remote malicious users to inject arbitrary web script or HTML via the unconfirmed parameter to the user page.
Phplist PhplistPhplist Phplist 2.10.10Phplist Phplist 2.10.9Phplist Phplist 2.10.1Phplist Phplist 2.8.12Phplist Phplist 2.10.17Phplist Phplist 2.10.16Phplist Phplist 2.10.8Phplist Phplist 2.10.7Phplist Phplist 2.8.7Phplist Phplist 2.8.2Phplist Phplist 2.10.12Phplist Phplist 2.10.11Phplist Phplist 2.10.3Phplist Phplist 2.10.2Phplist Phplist 2.6.5Phplist Phplist 2.10.15Phplist Phplist 2.10.14Phplist Phplist 2.10.13Phplist Phplist 2.10.5Phplist Phplist 2.10.4Phplist Phplist 2.7.2
NA
CVE-2012-4246
Multiple cross-site scripting (XSS) vulnerabilities in lists/admin/index.php in phpList prior to 2.10.19 allow remote malicious users to inject arbitrary web script or HTML via the (1) page parameter; or the (2) footer, (3) status, or (4) testtarget parameter in the send page.
Phplist Phplist 2.10.14Phplist Phplist 2.10.12Phplist Phplist 2.10.4Phplist Phplist 2.10.2Phplist Phplist 2.7.2Phplist Phplist 2.6.5Phplist Phplist 2.10.11Phplist Phplist 2.10.10Phplist Phplist 2.10.9Phplist Phplist 2.10.8Phplist Phplist 2.10.7Phplist PhplistPhplist Phplist 2.10.17Phplist Phplist 2.10.16Phplist Phplist 2.10.1Phplist Phplist 2.8.12Phplist Phplist 2.8.7Phplist Phplist 2.8.2Phplist Phplist 2.10.15Phplist Phplist 2.10.13Phplist Phplist 2.10.5Phplist Phplist 2.10.3
NA
CVE-2012-4247
Multiple cross-site scripting (XSS) vulnerabilities in lists/admin/index.php in phpList prior to 2.10.19 allow remote malicious users to inject arbitrary web script or HTML via the (1) remote_user, (2) remote_database, (3) remote_userprefix, (4) remote_password, or (5) remote_pre...
Phplist Phplist 2.10.16Phplist Phplist 2.10.14Phplist Phplist 2.10.7Phplist Phplist 2.10.4Phplist Phplist 2.7.2Phplist Phplist 2.6.5Phplist Phplist 2.10.12Phplist Phplist 2.10.11Phplist Phplist 2.10.10Phplist Phplist 2.10.9Phplist PhplistPhplist Phplist 2.10.17Phplist Phplist 2.10.2Phplist Phplist 2.10.1Phplist Phplist 2.8.12Phplist Phplist 2.8.7Phplist Phplist 2.10.15Phplist Phplist 2.10.13Phplist Phplist 2.10.8Phplist Phplist 2.10.5Phplist Phplist 2.10.3Phplist Phplist 2.8.2
NA
CVE-2012-3953
SQL injection vulnerability in admin/index.php in phpList prior to 2.10.19 allows remote administrators to execute arbitrary SQL commands via the delete parameter to the editattributes page.
Phplist Phplist 2.10.12Phplist Phplist 2.10.11Phplist Phplist 2.10.3Phplist Phplist 2.10.2Phplist Phplist 2.6.5Phplist PhplistPhplist Phplist 2.10.10Phplist Phplist 2.10.9Phplist Phplist 2.10.1Phplist Phplist 2.8.12Phplist Phplist 2.10.15Phplist Phplist 2.10.14Phplist Phplist 2.10.13Phplist Phplist 2.10.5Phplist Phplist 2.10.4Phplist Phplist 2.7.2Phplist Phplist 2.7.1Phplist Phplist 2.10.17Phplist Phplist 2.10.16Phplist Phplist 2.10.8Phplist Phplist 2.10.7Phplist Phplist 2.8.7
NA
CVE-2006-5321
Multiple cross-site scripting (XSS) vulnerabilities in phplist prior to 2.10.3 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Tincan Phplist 2.10.1Tincan Phplist 2.6.1Tincan Phplist 2.6.3Tincan Phplist 2.8.12Tincan Phplist 2.8.7Tincan Phplist 2.6.4Tincan Phplist 2.6.5Tincan Phplist 2.7.1Tincan Phplist 2.7.2Tincan Phplist 2.6Tincan Phplist 2.6.2Tincan Phplist 2.8.2Tincan Phplist
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook