Multiple SQL injection vulnerabilities in phplist before 2.10.3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Phplist | Tincan | * | 2.10.2 (including) |
| Phplist | Tincan | 2.8.12 (including) | 2.8.12 (including) |
| Phplist | Tincan | 2.9.3 (including) | 2.9.3 (including) |
| Phplist | Tincan | 2.9.4 (including) | 2.9.4 (including) |
| Phplist | Tincan | 2.9.5 (including) | 2.9.5 (including) |
| Phplist | Tincan | 2.10.1 (including) | 2.10.1 (including) |