VYPR
Unrated severityNVD Advisory· Published Sep 6, 2012· Updated Jun 16, 2026

CVE-2012-2740

CVE-2012-2740

Description

SQL injection vulnerability in public_html/lists/admin in phpList before 2.10.18 allows remote attackers to execute arbitrary SQL commands via the sortby parameter in a find action.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

17
  • Phplist/Phplist17 versions
    cpe:2.3:a:phplist:phplist:*:*:*:*:*:*:*:*+ 16 more
    • cpe:2.3:a:phplist:phplist:*:*:*:*:*:*:*:*range: <=2.10.17
    • cpe:2.3:a:phplist:phplist:2.10.1:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.10:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.11:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.12:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.13:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.14:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.15:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.16:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.2:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.3:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.4:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.5:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.7:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.8:*:*:*:*:*:*:*
    • cpe:2.3:a:phplist:phplist:2.10.9:*:*:*:*:*:*:*
    • (no CPE)range: <2.10.18

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.