Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tincan vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-2432
SQL injection vulnerability in PhpList allows remote malicious users to modify SQL statements via the id argument to admin pages such as (1) members or (2) admin.
Tincan Phplist
1 EDB exploit
6.5
CVSSv2
CVE-2005-3555
Multiple SQL injection vulnerabilities in PHPlist 2.10.1 and previous versions allow authenticated remote attackers with administrator privileges to execute arbitrary SQL commands via the id parameter in the (1) editattributes or (2) admin page.
Tincan Phplist
2 EDB exploits
4.3
CVSSv2
CVE-2005-3556
Multiple cross-site scripting (XSS) vulnerabilities in PHPlist 2.10.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) listname parameter in (a) admin/editlist.php, (2) title parameter in (b) admin/spageedit.php, (3) title fiel...
Tincan Phplist
3 EDB exploits
5
CVSSv2
CVE-2005-3557
Directory traversal vulnerability in admin/defaults.php in PHPlist 2.10.1 and previous versions allows remote malicious users to access arbitrary files via a .. (dot dot) in the selected%5B%5D parameter in an HTTP POST request.
Tincan Phplist
4.3
CVSSv2
CVE-2007-4071
Multiple cross-site scripting (XSS) vulnerabilities in uploader/index.php in Webbler CMS prior to 3.1.6 allow remote malicious users to inject arbitrary web script or HTML via the (1) page or (2) login parameter.
Tincan Webbler Cms
5
CVSSv2
CVE-2007-4072
Webbler CMS prior to 3.1.6 provides the full installation path within HTML comments in certain documents, which allows remote malicious users to obtain sensitive information by viewing the HTML source, as demonstrated by viewing the source generated from index.php.
Tincan Webbler Cms
5
CVSSv2
CVE-2007-4073
Webbler CMS prior to 3.1.6 does not properly restrict use of "mail a friend" forms, which allows remote malicious users to send arbitrary amounts of forged e-mail. NOTE: this could be leveraged for spam or phishing attacks.
Tincan Webbler Cms
5
CVSSv2
CVE-2004-2744
Unspecified vulnerability in Tincan Limited PHPlist prior to 2.8.12 has unknown impact and attack vectors, related to a "security update release."
Phplist Mailing List Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2