oss-sec mailing list archives
CVE request: phplist before 2.10.18 XSS and sql injection
From: Hanno Böck <hanno () hboeck de>
Date: Sat, 16 Jun 2012 05:19:56 +0200
http://www.exploit-db.com/exploits/18639/ cite from there: "Desc: Input passed via the parameter 'sortby' is not properly sanitised before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The param 'num' is vulnerable to a XSS issue where the attacker can execute arbitrary HTML and script code in a user's browser session in context of an affected site." Upstreams release notes for 2.10.18: http://www.phplist.com/?lid=567 mentions: "This version fixes a few small bugs and a security issue that was found. The security issues fixed require the administrator to be logged in. Therefore the vulnerability can be classified as "intermediate". There's no immediate danger of the vulnerabilities to be exploited remotely." Please assign two CVEs. -- Hanno Böck mail/jabber: hanno () hboeck de GPG: BBB51E42 http://www.hboeck.de/
Attachment:
signature.asc
Description:
Current thread:
- CVE request: phplist before 2.10.18 XSS and sql injection Hanno Böck (Jun 15)
- Re: CVE request: phplist before 2.10.18 XSS and sql injection Kurt Seifried (Jun 16)