Multiple cross-site request forgery (CSRF) vulnerabilities in phpList 2.10.13 and previous versions allow remote malicious users to hijack the authentication of administrators for requests that (1) create a list or (2) insert cross-site scripting (XSS) sequences. NOTE: this issue exists because of an incomplete fix for CVE-2011-0748. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
tincan phplist 2.7.2 |
||
tincan phplist 2.8.2 |
||
tincan phplist 2.10.7 |
||
tincan phplist 2.10.8 |
||
tincan phplist 2.6.1 |
||
tincan phplist 2.6 |
||
tincan phplist 2.5.5 |
||
tincan phplist 2.5.4 |
||
tincan phplist 2.5.3 |
||
tincan phplist 2.3.3 |
||
tincan phplist 2.3.2 |
||
tincan phplist 2.1.1 |
||
tincan phplist 2.1.0 |
||
tincan phplist 1.6.4 |
||
tincan phplist 1.6.3 |
||
tincan phplist 1.3.5 |
||
tincan phplist 1.1.7 |
||
tincan phplist 1.0.1 |
||
tincan phplist 1.0 |
||
tincan phplist 2.9.5 |
||
tincan phplist 2.8.12 |
||
tincan phplist 2.10.1 |
||
tincan phplist 2.10.2 |
||
tincan phplist 2.10.9 |
||
tincan phplist 2.10.10 |
||
tincan phplist 2.6.3 |
||
tincan phplist 2.10.12 |
||
tincan phplist 2.5.2 |
||
tincan phplist 2.5.1 |
||
tincan phplist 2.3.1 |
||
tincan phplist 2.3.0 |
||
tincan phplist 1.9.3 |
||
tincan phplist 1.9.2 |
||
tincan phplist 1.6.1 |
||
tincan phplist 1.6.0 |
||
tincan phplist 1.1.6 |
||
tincan phplist 1.1.5 |
||
tincan phplist |
||
tincan phplist 2.9.4 |
||
tincan phplist 2.9.3 |
||
tincan phplist 2.10.3 |
||
tincan phplist 2.10.4 |
||
tincan phplist 2.10.11 |
||
tincan phplist 2.8.7 |
||
tincan phplist 2.6.0 |
||
tincan phplist 2.5.8 |
||
tincan phplist 2.5.0 |
||
tincan phplist 2.4.0 |
||
tincan phplist 2.2.1 |
||
tincan phplist 2.2.0 |
||
tincan phplist 1.9.1 |
||
tincan phplist 1.9.0 |
||
tincan phplist 1.5.1 |
||
tincan phplist 2.6.5 |
||
tincan phplist 2.7.1 |
||
tincan phplist 2.10.5 |
||
tincan phplist 2.10.6 |
||
tincan phplist 2.6.4 |
||
tincan phplist 2.6.2 |
||
tincan phplist 2.5.7 |
||
tincan phplist 2.5.6 |
||
tincan phplist 2.3.4 |
||
tincan phplist 2.4.7 |
||
tincan phplist 2.1.4 |
||
tincan phplist 2.1.3 |
||
tincan phplist 1.8.0 |
||
tincan phplist 1.7.1 |
||
tincan phplist 1.7.0 |
||
tincan phplist 1.4.1 |
||
tincan phplist 1.3.7 |
||
tincan phplist 1.1.3b |
||
tincan phplist 1.1.2b |
||
tincan phplist 1.5.0 |
||
tincan phplist 1.1.5b |
||
tincan phplist 1.1.4b |
Vulmon