Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phplist phplist 2.10.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-5524
Cross-site scripting (XSS) vulnerability in index.php in phplist 2.10.2 allows remote malicious users to inject arbitrary web script or HTML via the p parameter. NOTE: This issue might overlap CVE-2006-5321.
Phplist Phplist 2.10.2
1 EDB exploit
NA
CVE-2012-2740
SQL injection vulnerability in public_html/lists/admin in phpList prior to 2.10.18 allows remote malicious users to execute arbitrary SQL commands via the sortby parameter in a find action.
Phplist Phplist 2.10.13
Phplist Phplist 2.10.16
Phplist Phplist 2.10.15
Phplist Phplist 2.10.14
Phplist Phplist 2.10.9
Phplist Phplist 2.10.8
Phplist Phplist 2.10.7
Phplist Phplist 2.10.5
Phplist Phplist 2.10.4
Phplist Phplist 2.10.11
Phplist Phplist 2.10.3
Phplist Phplist 2.10.1
Phplist Phplist 2.10.12
Phplist Phplist 2.10.10
Phplist Phplist 2.10.2
Phplist Phplist
1 EDB exploit
NA
CVE-2012-2741
Cross-site scripting (XSS) vulnerability in public_html/lists/admin/ in phpList prior to 2.10.18 allows remote malicious users to inject arbitrary web script or HTML via the num parameter in a reconcileusers action.
Phplist Phplist 2.10.12
Phplist Phplist 2.10.10
Phplist Phplist 2.10.2
Phplist Phplist
Phplist Phplist 2.10.16
Phplist Phplist 2.10.15
Phplist Phplist 2.10.14
Phplist Phplist 2.10.13
Phplist Phplist 2.10.8
Phplist Phplist 2.10.7
Phplist Phplist 2.10.5
Phplist Phplist 2.10.4
Phplist Phplist 2.10.11
Phplist Phplist 2.10.9
Phplist Phplist 2.10.3
Phplist Phplist 2.10.1
1 EDB exploit
NA
CVE-2008-6178
Unrestricted file upload vulnerability in editor/filemanager/browser/default/connectors/php/connector.php in FCKeditor 2.2, as used in Falt4 CMS, Nuke ET, and other products, allows remote malicious users to execute arbitrary code by creating a file with PHP sequences preceded by...
Phplist Phplist 2.10.1
Fckeditor Fckeditor 2.4.3
Phplist Phplist 2.10.5
Phplist Phplist 2.10.4
Fckeditor Fckeditor 2.3beta
Fckeditor Fckeditor 2.0rc2
Fckeditor Fckeditor 2.0rc3
Fckeditor Fckeditor 2.2
Phplist Phplist 2.10.3
Phplist Phplist 2.10.2
Phplist Phplist 2.10.6
2 EDB exploits
NA
CVE-2012-4246
Multiple cross-site scripting (XSS) vulnerabilities in lists/admin/index.php in phpList prior to 2.10.19 allow remote malicious users to inject arbitrary web script or HTML via the (1) page parameter; or the (2) footer, (3) status, or (4) testtarget parameter in the send page.
Phplist Phplist 2.10.14
Phplist Phplist 2.10.12
Phplist Phplist 2.10.4
Phplist Phplist 2.10.2
Phplist Phplist 2.7.2
Phplist Phplist 2.6.5
Phplist Phplist 2.10.11
Phplist Phplist 2.10.10
Phplist Phplist 2.10.9
Phplist Phplist 2.10.8
Phplist Phplist 2.10.7
Phplist Phplist
Phplist Phplist 2.10.17
Phplist Phplist 2.10.16
Phplist Phplist 2.10.1
Phplist Phplist 2.8.12
Phplist Phplist 2.8.7
Phplist Phplist 2.8.2
Phplist Phplist 2.10.15
Phplist Phplist 2.10.13
Phplist Phplist 2.10.5
Phplist Phplist 2.10.3
1 EDB exploit
NA
CVE-2012-3952
Cross-site scripting (XSS) vulnerability in admin/index.php in phpList prior to 2.10.19 allows remote malicious users to inject arbitrary web script or HTML via the unconfirmed parameter to the user page.
Phplist Phplist
Phplist Phplist 2.10.10
Phplist Phplist 2.10.9
Phplist Phplist 2.10.1
Phplist Phplist 2.8.12
Phplist Phplist 2.10.17
Phplist Phplist 2.10.16
Phplist Phplist 2.10.8
Phplist Phplist 2.10.7
Phplist Phplist 2.8.7
Phplist Phplist 2.8.2
Phplist Phplist 2.10.12
Phplist Phplist 2.10.11
Phplist Phplist 2.10.3
Phplist Phplist 2.10.2
Phplist Phplist 2.6.5
Phplist Phplist 2.10.15
Phplist Phplist 2.10.14
Phplist Phplist 2.10.13
Phplist Phplist 2.10.5
Phplist Phplist 2.10.4
Phplist Phplist 2.7.2
1 EDB exploit
NA
CVE-2012-3953
SQL injection vulnerability in admin/index.php in phpList prior to 2.10.19 allows remote administrators to execute arbitrary SQL commands via the delete parameter to the editattributes page.
Phplist Phplist 2.10.12
Phplist Phplist 2.10.11
Phplist Phplist 2.10.3
Phplist Phplist 2.10.2
Phplist Phplist 2.6.5
Phplist Phplist
Phplist Phplist 2.10.10
Phplist Phplist 2.10.9
Phplist Phplist 2.10.1
Phplist Phplist 2.8.12
Phplist Phplist 2.10.15
Phplist Phplist 2.10.14
Phplist Phplist 2.10.13
Phplist Phplist 2.10.5
Phplist Phplist 2.10.4
Phplist Phplist 2.7.2
Phplist Phplist 2.7.1
Phplist Phplist 2.10.17
Phplist Phplist 2.10.16
Phplist Phplist 2.10.8
Phplist Phplist 2.10.7
Phplist Phplist 2.8.7
1 EDB exploit
NA
CVE-2012-4247
Multiple cross-site scripting (XSS) vulnerabilities in lists/admin/index.php in phpList prior to 2.10.19 allow remote malicious users to inject arbitrary web script or HTML via the (1) remote_user, (2) remote_database, (3) remote_userprefix, (4) remote_password, or (5) remote_pre...
Phplist Phplist 2.10.16
Phplist Phplist 2.10.14
Phplist Phplist 2.10.7
Phplist Phplist 2.10.4
Phplist Phplist 2.7.2
Phplist Phplist 2.6.5
Phplist Phplist 2.10.12
Phplist Phplist 2.10.11
Phplist Phplist 2.10.10
Phplist Phplist 2.10.9
Phplist Phplist
Phplist Phplist 2.10.17
Phplist Phplist 2.10.2
Phplist Phplist 2.10.1
Phplist Phplist 2.8.12
Phplist Phplist 2.8.7
Phplist Phplist 2.10.15
Phplist Phplist 2.10.13
Phplist Phplist 2.10.8
Phplist Phplist 2.10.5
Phplist Phplist 2.10.3
Phplist Phplist 2.8.2
1 EDB exploit
NA
CVE-2009-0422
Dynamic variable evaluation vulnerability in lists/admin.php in phpList 2.10.8 and previous versions, when register_globals is disabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the _SERVER[ConfigFile] paramet...
Tincan Phplist 2.7.2
Tincan Phplist 2.8.2
Tincan Phplist 2.10.6
Tincan Phplist 2.10.7
Tincan Phplist 2.6.0
Tincan Phplist 2.5.8
Tincan Phplist 2.5.0
Tincan Phplist 2.4.0
Tincan Phplist 2.2.1
Tincan Phplist 2.2.0
Tincan Phplist 1.9.1
Tincan Phplist 1.9.0
Tincan Phplist 2.8.12
Tincan Phplist 2.10.1
Tincan Phplist 2.8.7
Tincan Phplist 2.6.4
Tincan Phplist 2.5.7
Tincan Phplist 2.5.6
Tincan Phplist 2.3.4
Tincan Phplist 2.4.7
Tincan Phplist 2.1.4
Tincan Phplist 2.1.3
1 EDB exploit
NA
CVE-2008-5887
phplist prior to 2.10.8 allows remote malicious users to include files via unknown vectors, related to a "local file include vulnerability."
Tincan Phplist 2.6.5
Tincan Phplist 2.7.1
Tincan Phplist 2.10.4
Tincan Phplist 2.10.5
Tincan Phplist 2.6.3
Tincan Phplist 2.6.0
Tincan Phplist 2.5.1
Tincan Phplist 2.5.0
Tincan Phplist 2.3.0
Tincan Phplist 2.2.1
Tincan Phplist 1.9.2
Tincan Phplist 1.9.1
Tincan Phplist 1.6.0
Tincan Phplist 1.5.1
Tincan Phplist 1.1.5
Tincan Phplist 1.1.5b
Tincan Phplist 2.8.12
Tincan Phplist 2.10.1
Tincan Phplist 2.6.4
Tincan Phplist 2.6.2
Tincan Phplist 2.5.6
Tincan Phplist 2.5.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »