SQL injection vulnerability in PhpList allows remote malicious users to modify SQL statements via the id argument to admin pages such as (1) members or (2) admin.
source: wwwsecurityfocuscom/bid/14403/info
PHPList is prone to an SQL injection vulnerability This issue is due to a failure in the application to properly sanitize user-supplied data before using it in an SQL query
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permi ...