CVE-2006-5321 | Vulnerability Database | Aqua Security

Multiple cross-site scripting (XSS) vulnerabilities in phplist before 2.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected Software

Name	Vendor	Start Version	End Version
Phplist	Tincan	*	2.10.2 (including)
Phplist	Tincan	2.6 (including)	2.6 (including)
Phplist	Tincan	2.6.1 (including)	2.6.1 (including)
Phplist	Tincan	2.6.2 (including)	2.6.2 (including)
Phplist	Tincan	2.6.3 (including)	2.6.3 (including)
Phplist	Tincan	2.6.4 (including)	2.6.4 (including)
Phplist	Tincan	2.6.5 (including)	2.6.5 (including)
Phplist	Tincan	2.7.1 (including)	2.7.1 (including)
Phplist	Tincan	2.7.2 (including)	2.7.2 (including)
Phplist	Tincan	2.8.2 (including)	2.8.2 (including)
Phplist	Tincan	2.8.7 (including)	2.8.7 (including)
Phplist	Tincan	2.8.12 (including)	2.8.12 (including)
Phplist	Tincan	2.10.1 (including)	2.10.1 (including)

References

http://tincan.co.uk/?lid=1821
http://www.phplist.com/news
http://www.securityfocus.com/bid/20483
http://tincan.co.uk/?lid=1821
http://www.phplist.com/news
http://www.securityfocus.com/bid/20483

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-5321
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html