![phpList](http://www.phplist.com/images/phplist-logo.png)
phpList version 2.10.18 suffers from SQL injection and cross-site scripting (XSS) vulnerabilities.
- SQL injection: Input passed via the "delete" GET parameter to the "admin/index.php" script (when "page" is set to "editattributes") is not properly sanitised before being used in an SQL query.
- Cross-site scripting (XSS): Input passed via the "unconfirmed" GET parameter to the "admin/index.php" script (when "page" is set to "user") is not properly sanitised before being returned to the user.
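Both findings are the same root cause in two output contexts: a request parameter reaches a sensitive sink (an SQL string, an HTML response) without type validation or context-aware encoding. The following is an added illustration of that bug class and its fix; it is not phpList's source code, and the table name `attribute`, the column `id`, the function names and the use of `mysqli` are assumptions made for the example.

```php
<?php
// Illustrative pattern only (added example, NOT phpList's code).
// Table `attribute`, column `id` and the mysqli connection are assumptions.

// --- SQL injection: vulnerable pattern ---
// The GET value is interpolated into the query string, so the request
// controls the query grammar rather than just a data value.
function deleteAttributeUnsafe(mysqli $db, array $get): void
{
    $id = $get['delete'] ?? '';
    $db->query("DELETE FROM attribute WHERE id = $id"); // injection point
}

// --- SQL injection: hardened form ---
// 1) Validate the expected type (a positive integer id) and reject anything else.
// 2) Use a prepared statement so the value can never alter the query structure.
function deleteAttributeSafe(mysqli $db, array $get): bool
{
    $id = filter_var(
        $get['delete'] ?? null,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    if ($id === false) {
        return false; // reject rather than guess at the caller's intent
    }
    $stmt = $db->prepare('DELETE FROM attribute WHERE id = ?');
    $stmt->bind_param('i', $id);
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}

// --- Reflected XSS: vulnerable pattern ---
// The raw parameter is echoed into the page, so markup in the request
// is interpreted by the browser as part of the admin page.
function renderUnconfirmedNoticeUnsafe(array $get): string
{
    return '<p>Showing users: unconfirmed=' . ($get['unconfirmed'] ?? '') . '</p>';
}

// --- Reflected XSS: hardened form ---
// Escape for the HTML body context at the point of output; ENT_QUOTES also
// makes the value safe inside quoted attribute values.
function renderUnconfirmedNoticeSafe(array $get): string
{
    $value = htmlspecialchars(
        (string) ($get['unconfirmed'] ?? ''),
        ENT_QUOTES | ENT_HTML5,
        'UTF-8'
    );
    return '<p>Showing users: unconfirmed=' . $value . '</p>';
}
```

The two defences are complementary rather than interchangeable: input validation (an integer for "delete", a flag for "unconfirmed") narrows what the application accepts, while parameter binding and output encoding ensure that whatever is accepted is treated as data in the SQL and HTML grammars respectively. Escaping at output time rather than at input time is what keeps the fix correct when the same value is later rendered in a different context.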
Vulnerability ID: HTB23100
Vendor Notification / Patch / Public Disclosure Dates: July 11 / August 2 / August 8, 2012
Vulnerability Types: XSS, SQL Injection
Risk level: Medium
Solution Status: Fixed by Vendor, upgrade to phpList 2.10.19
See details and PoC examples for this advisory: phpList multiple vulnerabilities.