Unrated severityNVD Advisory· Published Nov 16, 2005· Updated Apr 16, 2026

CVE-2005-3555

Description

Multiple SQL injection vulnerabilities in PHPlist 2.10.1 and earlier allow authenticated remote attackers with administrator privileges to execute arbitrary SQL commands via the id parameter in the (1) editattributes or (2) admin page.

Affected products

Tincan/Phplist
cpe:2.3:a:tincan:phplist:*:*:*:*:*:*:*:*
Range: <=2.10.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/17476nvdPatchVendor Advisory
www.trapkit.de/advisories/TKADV2005-11-001.txtnvdExploitPatchVendor Advisory
osvdb.org/20567nvd
osvdb.org/20568nvd
www.securityfocus.com/archive/1/416005/30/0/threadednvd
www.securityfocus.com/bid/15350nvd
www.vupen.com/english/advisories/2005/2345nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000