Page 4 of 17 results (0.004 seconds)

CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 1

SQL injection vulnerability in PhpList allows remote attackers to modify SQL statements via the id argument to admin pages such as (1) members or (2) admin. Vulerabilidad de inyección de SQL en PhpList permite que atacantes remotos modifiquen sentencias SQL mediante el argumento id en las páginas de administració, tales como "members" o "admin". • https://www.exploit-db.com/exploits/26045 http://marc.info/?l=bugtraq&m=112258115325054&w=2 http://marc.info/?l=bugtraq&m=112291396731712&w=2 http://secunia.com/advisories/16274 http://securitytracker.com/id?1014607 http://www.osvdb.org/18316 http://www.securityfocus.com/bid/14403 https://exchange.xforce.ibmcloud.com/vulnerabilities/21576 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

PhpList allows remote attackers to obtain sensitive information via a direct request to (1) about.php, (2) connect.php, (3) domainstats.php or (4) usercheck.php in public_html/lists/admin directory, (5) attributes.php, (6) dbcheck.php, (7) importcsv.php, (8) user.php, (9) usermgt.php, or (10) users.php in admin/commonlib/pages directory, (11) helloworld.php, or (12) sidebar.php in public_html/lists/admin/plugins directory, or (13) main.php in public_html/lists/admin/plugsins/defaultplugin directory, which reveal the path in an error message. PhoList permite que atacantes remotos obtengan información confidencial mediante una petición directa a: (1) about.php, (2) connect.php, (3) domainstats.php o (4) usercheck.php en el directorio public_html/lists/admin , (5) attributes.php, (6) dbcheck.php, (7) importcsv.php, (8) user.php, (9) usermgt.php, o (10) users.php en el directorio admin/commonlib/pages , (11) helloworld.php, o (12) sidebar.php en el directorio public_html/lists/admin/plugins, o (13) main.php en el directorio public_html/lists/admin/plugsins/defaultplugin, lo que revela el path en un mensaje de error. • http://marc.info/?l=bugtraq&m=112258115325054&w=2 http://www.osvdb.org/18317 http://www.osvdb.org/18318 http://www.osvdb.org/18319 http://www.osvdb.org/18320 http://www.osvdb.org/18321 http://www.osvdb.org/18322 http://www.osvdb.org/18323 http://www.osvdb.org/18324 http://www.osvdb.org/18325 http://www.osvdb.org/18326 http://www.osvdb.org/18327 http://www.osvdb.org/18328 http://www.osvdb.org/18329 https://exchange.xforce. •