Cross-site scripting (XSS) vulnerability in public_html/lists/admin/ in phpList prior to 2.10.18 allows remote malicious users to inject arbitrary web script or HTML via the num parameter in a reconcileusers action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phplist phplist 2.10.12 |
||
phplist phplist 2.10.10 |
||
phplist phplist 2.10.2 |
||
phplist phplist |
||
phplist phplist 2.10.16 |
||
phplist phplist 2.10.15 |
||
phplist phplist 2.10.14 |
||
phplist phplist 2.10.13 |
||
phplist phplist 2.10.8 |
||
phplist phplist 2.10.7 |
||
phplist phplist 2.10.5 |
||
phplist phplist 2.10.4 |
||
phplist phplist 2.10.11 |
||
phplist phplist 2.10.9 |
||
phplist phplist 2.10.3 |
||
phplist phplist 2.10.1 |