Directory traversal vulnerability in admin/defaults.php in PHPlist 2.10.1 and previous versions allows remote malicious users to access arbitrary files via a .. (dot dot) in the selected%5B%5D parameter in an HTTP POST request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tincan phplist |