Dino Covotsos

**Name of the Vulnerable Software and Affected Versions** phpList versions prior to 3.5.5 **Description** An error-based SQL Injection issue exists via the Import Administrators section, allowing potential exploitation. **Recommendations** For versions prior to 3.5.5, update to version 3.5.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** phpList versions prior to 3.5.5 **Description** An issue was discovered that allows for an XSS vulnerability to occur within the Import Administrators section via the upload of an edited text document. This issue also affects the Subscriber Lists section. **Recommendations** For versions prior to 3.5.5, update to version 3.5.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** myQNAPcloud Connect versions 1.3.3.0925 and earlier **Description** The issue allows remote attackers to crash the program due to a Buffer Overflow. **Recommendations** For myQNAPcloud Connect versions 1.3.3.0925 and earlier, update to a version later than 1.3.3.0925 to resolve the issue.