Phplistpro
by Smartisoft
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-2323 | 0.04 | — | 0.10 | May 12, 2006 | Multiple PHP remote file inclusion vulnerabilities in SmartISoft phpListPro 2.01 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the returnpath parameter in (1) editsite.php, (2) addsite.php, and (3) in.php. NOTE: The config.php vector is already… | |||
| CVE-2006-1749 | 0.04 | — | 0.08 | Apr 12, 2006 | PHP remote file inclusion vulnerability in config.php in phpListPro 2.0 and earlier allows remote attackers to execute arbitrary PHP code via the returnpath parameter. NOTE: this issue was later reported to affect 2.01 as well. | |||
| CVE-2006-2523 | 0.03 | — | 0.03 | May 22, 2006 | PHP remote file inclusion vulnerability in config.php in phpListPro 2.0.1 and earlier, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary PHP code via a URL in the Language cookie. |
- CVE-2006-2323May 12, 2006risk 0.04cvss —epss 0.10
Multiple PHP remote file inclusion vulnerabilities in SmartISoft phpListPro 2.01 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the returnpath parameter in (1) editsite.php, (2) addsite.php, and (3) in.php. NOTE: The config.php vector is already…
- CVE-2006-1749Apr 12, 2006risk 0.04cvss —epss 0.08
PHP remote file inclusion vulnerability in config.php in phpListPro 2.0 and earlier allows remote attackers to execute arbitrary PHP code via the returnpath parameter. NOTE: this issue was later reported to affect 2.01 as well.
- CVE-2006-2523May 22, 2006risk 0.03cvss —epss 0.03
PHP remote file inclusion vulnerability in config.php in phpListPro 2.0.1 and earlier, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary PHP code via a URL in the Language cookie.