PT-2022-7904 · Phplist · Phplist
Tim Coen
·
Published
2022-06-10
·
Updated
2022-06-17
·
CVE-2017-20031
CVSS v2.0
4.0
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
PHPList versions 3.2.6
Description
A vulnerability in PHPList allows for information disclosure through the manipulation of the
sortby argument with the input password. This can be exploited remotely. The issue affects an unknown functionality of the software.Recommendations
For PHPList version 3.2.6, upgrade to version 3.3.1 to address the issue.
Exploit
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Phplist