CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Phplist: >> Phplist >> 2.10.20 Security Vulnerabilities

CVE-2020-12639

phpList before 3.5.3 allows XSS, with resultant privilege elevation, via lists/admin/template.php.

CVSS Score

6.1

EPSS Score

0.004

Published

2020-05-04

CVE-2014-2916

Cross-site request forgery (CSRF) vulnerability in the subscription page editor (spageedit) in phpList before 3.0.6 allows remote attackers to hijack the authentication of administrators via a request to admin/.

CVSS Score

6.8

EPSS Score

0.002

Published

2014-05-05

Page 2

Vulnerabilities

Vulnerable Software

Phplist: >> Phplist >> 2.10.20 Security Vulnerabilities

Products

Pricing

Contact Us