Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phplist phplist 2.10.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-5322
Multiple SQL injection vulnerabilities in phplist prior to 2.10.3 allow remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Tincan Phplist 2.9.4
Tincan Phplist 2.9.3
Tincan Phplist 2.8.12
Tincan Phplist 2.9.5
Tincan Phplist 2.10.1
Tincan Phplist
NA
CVE-2012-2740
SQL injection vulnerability in public_html/lists/admin in phpList prior to 2.10.18 allows remote malicious users to execute arbitrary SQL commands via the sortby parameter in a find action.
Phplist Phplist
Phplist Phplist 2.10.12
Phplist Phplist 2.10.15
Phplist Phplist 2.10.1
Phplist Phplist 2.10.13
Phplist Phplist 2.10.14
Phplist Phplist 2.10.7
Phplist Phplist 2.10.9
Phplist Phplist 2.10.4
Phplist Phplist 2.10.3
Phplist Phplist 2.10.2
Phplist Phplist 2.10.10
Phplist Phplist 2.10.11
Phplist Phplist 2.10.8
Phplist Phplist 2.10.5
Phplist Phplist 2.10.16
1 EDB exploit
NA
CVE-2012-2741
Cross-site scripting (XSS) vulnerability in public_html/lists/admin/ in phpList prior to 2.10.18 allows remote malicious users to inject arbitrary web script or HTML via the num parameter in a reconcileusers action.
Phplist Phplist
Phplist Phplist 2.10.12
Phplist Phplist 2.10.15
Phplist Phplist 2.10.1
Phplist Phplist 2.10.13
Phplist Phplist 2.10.14
Phplist Phplist 2.10.7
Phplist Phplist 2.10.9
Phplist Phplist 2.10.4
Phplist Phplist 2.10.3
Phplist Phplist 2.10.2
Phplist Phplist 2.10.10
Phplist Phplist 2.10.11
Phplist Phplist 2.10.8
Phplist Phplist 2.10.5
Phplist Phplist 2.10.16
1 EDB exploit
NA
CVE-2006-5294
Cross-site scripting (XSS) vulnerability in index.php in phplist prior to 2.10.3 allows remote malicious users to inject arbitrary web script or HTML via the unsubscribeemail parameter.
Tincan Phplist 2.6.3
Tincan Phplist 2.6
Tincan Phplist 2.8.12
Tincan Phplist 2.6.2
Tincan Phplist 2.6.4
Tincan Phplist 2.10.1
Tincan Phplist 2.6.1
Tincan Phplist
1 EDB exploit
NA
CVE-2008-6178
Unrestricted file upload vulnerability in editor/filemanager/browser/default/connectors/php/connector.php in FCKeditor 2.2, as used in Falt4 CMS, Nuke ET, and other products, allows remote malicious users to execute arbitrary code by creating a file with PHP sequences preceded by...
Phplist Phplist 2.10.6
Fckeditor Fckeditor 2.4.3
Phplist Phplist 2.10.1
Fckeditor Fckeditor 2.0rc3
Phplist Phplist 2.10.4
Fckeditor Fckeditor 2.2
Phplist Phplist 2.10.3
Phplist Phplist 2.10.2
Fckeditor Fckeditor 2.0rc2
Fckeditor Fckeditor 2.3beta
Phplist Phplist 2.10.5
2 EDB exploits
NA
CVE-2006-5321
Multiple cross-site scripting (XSS) vulnerabilities in phplist prior to 2.10.3 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Tincan Phplist 2.8.2
Tincan Phplist 2.6.3
Tincan Phplist 2.6.5
Tincan Phplist 2.6
Tincan Phplist 2.8.12
Tincan Phplist 2.6.2
Tincan Phplist 2.6.4
Tincan Phplist 2.8.7
Tincan Phplist 2.10.1
Tincan Phplist 2.6.1
Tincan Phplist
Tincan Phplist 2.7.1
Tincan Phplist 2.7.2
NA
CVE-2006-1746
Directory traversal vulnerability in PHPList 2.10.2 and previous versions allows remote malicious users to include arbitrary local files via the (1) GLOBALS[database_module] or (2) GLOBALS[language_module] parameters, which overwrite the underlying $GLOBALS variable.
Tincan Phplist 2.8.2
Tincan Phplist 2.6.3
Tincan Phplist 2.6.5
Tincan Phplist 2.6
Tincan Phplist 2.8.12
Tincan Phplist 2.6.2
Tincan Phplist 2.6.4
Tincan Phplist 2.8.7
Tincan Phplist 2.10.1
Tincan Phplist 2.6.1
Tincan Phplist
Tincan Phplist 2.7.1
Tincan Phplist 2.7.2
NA
CVE-2012-4246
Multiple cross-site scripting (XSS) vulnerabilities in lists/admin/index.php in phpList prior to 2.10.19 allow remote malicious users to inject arbitrary web script or HTML via the (1) page parameter; or the (2) footer, (3) status, or (4) testtarget parameter in the send page.
Phplist Phplist 2.10.12
Phplist Phplist 2.10.15
Phplist Phplist
Phplist Phplist 2.10.17
Phplist Phplist 2.8.12
Phplist Phplist 2.10.1
Phplist Phplist 2.10.13
Phplist Phplist 2.10.14
Phplist Phplist 2.10.7
Phplist Phplist 2.10.9
Phplist Phplist 2.7.2
Phplist Phplist 2.10.4
Phplist Phplist 2.10.3
Phplist Phplist 2.7.1
Phplist Phplist 2.10.2
Phplist Phplist 2.8.7
Phplist Phplist 2.10.10
Phplist Phplist 2.6.5
Phplist Phplist 2.8.2
Phplist Phplist 2.10.11
Phplist Phplist 2.10.8
Phplist Phplist 2.10.5
1 EDB exploit
NA
CVE-2012-3952
Cross-site scripting (XSS) vulnerability in admin/index.php in phpList prior to 2.10.19 allows remote malicious users to inject arbitrary web script or HTML via the unconfirmed parameter to the user page.
Phplist Phplist 2.10.12
Phplist Phplist 2.10.15
Phplist Phplist
Phplist Phplist 2.10.17
Phplist Phplist 2.8.12
Phplist Phplist 2.10.1
Phplist Phplist 2.10.13
Phplist Phplist 2.10.14
Phplist Phplist 2.10.7
Phplist Phplist 2.10.9
Phplist Phplist 2.7.2
Phplist Phplist 2.10.4
Phplist Phplist 2.10.3
Phplist Phplist 2.7.1
Phplist Phplist 2.10.2
Phplist Phplist 2.8.7
Phplist Phplist 2.10.10
Phplist Phplist 2.6.5
Phplist Phplist 2.8.2
Phplist Phplist 2.10.11
Phplist Phplist 2.10.8
Phplist Phplist 2.10.5
1 EDB exploit
NA
CVE-2012-3953
SQL injection vulnerability in admin/index.php in phpList prior to 2.10.19 allows remote administrators to execute arbitrary SQL commands via the delete parameter to the editattributes page.
Phplist Phplist 2.10.12
Phplist Phplist 2.10.15
Phplist Phplist
Phplist Phplist 2.10.17
Phplist Phplist 2.8.12
Phplist Phplist 2.10.1
Phplist Phplist 2.10.13
Phplist Phplist 2.10.14
Phplist Phplist 2.10.7
Phplist Phplist 2.10.9
Phplist Phplist 2.7.2
Phplist Phplist 2.10.4
Phplist Phplist 2.10.3
Phplist Phplist 2.7.1
Phplist Phplist 2.10.2
Phplist Phplist 2.8.7
Phplist Phplist 2.10.10
Phplist Phplist 2.6.5
Phplist Phplist 2.8.2
Phplist Phplist 2.10.11
Phplist Phplist 2.10.8
Phplist Phplist 2.10.5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »