Unrated severityNVD Advisory· Published Jul 10, 2006· Updated Apr 16, 2026

CVE-2006-3483

Description

PHPMailList 1.8.0 stores sensitive information under the web document root iwth insufficient access control, which allows remote attackers to obtain email addresses of subscribers, configuration information, and the admin username and password via direct requests to (1) list.dat or (2) ml_config.dat.

Affected products

Phpmaillist/Phpmaillist
cpe:2.3:a:phpmaillist:phpmaillist:*:*:*:*:*:*:*:*
Range: <=1.8

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lostmon.blogspot.com/2006/07/multiple-vulnerabilities-in.htmlnvd
securitytracker.com/idnvd
www.osvdb.org/27017nvd
www.osvdb.org/27018nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000