Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phplist phplist vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2021-3188
phpList 3.6.0 allows CSV injection, related to the email parameter, and /lists/admin/ exports.
Phplist Phplist 3.6.0
7.5
CVSSv2
CVE-2017-20029
A vulnerability was found in PHPList 3.2.6 and classified as critical. This issue affects some unknown processing of the file /lists/index.php of the component Edit Subscription. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been d...
Phplist Phplist 3.2.6
7.5
CVSSv2
CVE-2017-20032
A vulnerability was found in PHPList 3.2.6. It has been rated as critical. Affected by this issue is some unknown functionality of the component Subscription. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the publi...
Phplist Phplist 3.2.6
7.5
CVSSv2
CVE-2020-22249
Remote Code Execution vulnerability in phplist 3.5.1. The application does not check any file extensions stored in the plugin zip file, Uploading a malicious plugin which contains the php files with extensions like PHP,phtml,php7 will be copied to the plugins directory which woul...
Phplist Phplist 3.5.1
7.5
CVSSv2
CVE-2020-23361
phpList 3.5.3 allows type juggling for login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters.
Phplist Phplist 3.5.3
7.5
CVSSv2
CVE-2020-8547
phpList 3.5.0 allows type juggling for admin login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters.
Phplist Phplist 3.5.0
7.5
CVSSv2
CVE-2012-2740
SQL injection vulnerability in public_html/lists/admin in phpList prior to 2.10.18 allows remote malicious users to execute arbitrary SQL commands via the sortby parameter in a find action.
Phplist Phplist
Phplist Phplist 2.10.12
Phplist Phplist 2.10.15
Phplist Phplist 2.10.1
Phplist Phplist 2.10.13
Phplist Phplist 2.10.14
Phplist Phplist 2.10.7
Phplist Phplist 2.10.9
Phplist Phplist 2.10.4
Phplist Phplist 2.10.3
Phplist Phplist 2.10.2
Phplist Phplist 2.10.10
Phplist Phplist 2.10.11
Phplist Phplist 2.10.8
Phplist Phplist 2.10.5
Phplist Phplist 2.10.16
1 EDB exploit
7.5
CVSSv2
CVE-2012-3953
SQL injection vulnerability in admin/index.php in phpList prior to 2.10.19 allows remote administrators to execute arbitrary SQL commands via the delete parameter to the editattributes page.
Phplist Phplist 2.10.12
Phplist Phplist 2.10.15
Phplist Phplist
Phplist Phplist 2.10.17
Phplist Phplist 2.8.12
Phplist Phplist 2.10.1
Phplist Phplist 2.10.13
Phplist Phplist 2.10.14
Phplist Phplist 2.10.7
Phplist Phplist 2.10.9
Phplist Phplist 2.7.2
Phplist Phplist 2.10.4
Phplist Phplist 2.10.3
Phplist Phplist 2.7.1
Phplist Phplist 2.10.2
Phplist Phplist 2.8.7
Phplist Phplist 2.10.10
Phplist Phplist 2.6.5
Phplist Phplist 2.8.2
Phplist Phplist 2.10.11
Phplist Phplist 2.10.8
Phplist Phplist 2.10.5
1 EDB exploit
7.5
CVSSv2
CVE-2008-6178
Unrestricted file upload vulnerability in editor/filemanager/browser/default/connectors/php/connector.php in FCKeditor 2.2, as used in Falt4 CMS, Nuke ET, and other products, allows remote malicious users to execute arbitrary code by creating a file with PHP sequences preceded by...
Phplist Phplist 2.10.6
Fckeditor Fckeditor 2.4.3
Phplist Phplist 2.10.1
Fckeditor Fckeditor 2.0rc3
Phplist Phplist 2.10.4
Fckeditor Fckeditor 2.2
Phplist Phplist 2.10.3
Phplist Phplist 2.10.2
Fckeditor Fckeditor 2.0rc2
Fckeditor Fckeditor 2.3beta
Phplist Phplist 2.10.5
2 EDB exploits
7.5
CVSSv2
CVE-2009-0422
Dynamic variable evaluation vulnerability in lists/admin.php in phpList 2.10.8 and previous versions, when register_globals is disabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the _SERVER[ConfigFile] paramet...
Tincan Phplist 2.4.0
Tincan Phplist 2.5.6
Tincan Phplist 2.10.6
Tincan Phplist 2.10.3
Tincan Phplist 1.6.1
Tincan Phplist 2.8.2
Tincan Phplist 1.9.0
Tincan Phplist 2.5.5
Tincan Phplist 1.6.0
Tincan Phplist 1.9.3
Tincan Phplist 1.6.3
Tincan Phplist 2.6.3
Tincan Phplist 2.1.0
Tincan Phplist 2.9.4
Tincan Phplist 2.3.1
Tincan Phplist 2.6.5
Tincan Phplist 2.9.3
Tincan Phplist 1.6.4
Tincan Phplist 2.6
Tincan Phplist 2.1.4
Tincan Phplist 2.5.7
Tincan Phplist 2.6.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »