Lucene search
MitreCVE-2008-5887HistoryJan 12, 2009 - 8:00 p.m.
CVE-2008-5887
2009-01-1220:00:02
CWE-20
mitre
web.nvd.nist.gov
23
4
phplist
2.10.8
file include
vulnerability
cve-2008-5887
nvd
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.8
Confidence
Low
EPSS
0.006
Percentile
79.3%
phplist before 2.10.8 allows remote attackers to include files via unknown vectors, related to a “local file include vulnerability.”
Affected configurations
Node
tincanphplistRange≤2.10.7
ORtincanphplistMatch1.0
ORtincanphplistMatch1.0.1
ORtincanphplistMatch1.1.2b
ORtincanphplistMatch1.1.3b
ORtincanphplistMatch1.1.4b
ORtincanphplistMatch1.1.5
ORtincanphplistMatch1.1.5b
ORtincanphplistMatch1.1.6
ORtincanphplistMatch1.1.7
ORtincanphplistMatch1.3.5
ORtincanphplistMatch1.3.7
ORtincanphplistMatch1.4.1
ORtincanphplistMatch1.5.0
ORtincanphplistMatch1.5.1
ORtincanphplistMatch1.6.0
ORtincanphplistMatch1.6.1
ORtincanphplistMatch1.6.3
ORtincanphplistMatch1.6.4
ORtincanphplistMatch1.7.0
ORtincanphplistMatch1.7.1
ORtincanphplistMatch1.8.0
ORtincanphplistMatch1.9.0
ORtincanphplistMatch1.9.1
ORtincanphplistMatch1.9.2
ORtincanphplistMatch1.9.3
ORtincanphplistMatch2.1.0
ORtincanphplistMatch2.1.1
ORtincanphplistMatch2.1.3
ORtincanphplistMatch2.1.4
ORtincanphplistMatch2.2.0
ORtincanphplistMatch2.2.1
ORtincanphplistMatch2.3.0
ORtincanphplistMatch2.3.1
ORtincanphplistMatch2.3.2
ORtincanphplistMatch2.3.3
ORtincanphplistMatch2.3.4
ORtincanphplistMatch2.4.0
ORtincanphplistMatch2.4.7
ORtincanphplistMatch2.5.0
ORtincanphplistMatch2.5.1
ORtincanphplistMatch2.5.2
ORtincanphplistMatch2.5.3
ORtincanphplistMatch2.5.4
ORtincanphplistMatch2.5.5
ORtincanphplistMatch2.5.6
ORtincanphplistMatch2.5.7
ORtincanphplistMatch2.5.8
ORtincanphplistMatch2.6
ORtincanphplistMatch2.6.0
ORtincanphplistMatch2.6.1
ORtincanphplistMatch2.6.2
ORtincanphplistMatch2.6.3
ORtincanphplistMatch2.6.4
ORtincanphplistMatch2.6.5
ORtincanphplistMatch2.7.1
ORtincanphplistMatch2.7.2
ORtincanphplistMatch2.8.2
ORtincanphplistMatch2.8.7
ORtincanphplistMatch2.8.12
ORtincanphplistMatch2.9.3
ORtincanphplistMatch2.9.4
ORtincanphplistMatch2.9.5
ORtincanphplistMatch2.10.1
ORtincanphplistMatch2.10.2
ORtincanphplistMatch2.10.3
ORtincanphplistMatch2.10.4
ORtincanphplistMatch2.10.5
ORtincanphplistMatch2.10.6
| Vendor | Product | Version | CPE |
|---|---|---|---|
| tincan | phplist | * | cpe:2.3:a:tincan:phplist:*:*:*:*:*:*:*:* |
| tincan | phplist | 1.0 | cpe:2.3:a:tincan:phplist:1.0:*:*:*:*:*:*:* |
| tincan | phplist | 1.0.1 | cpe:2.3:a:tincan:phplist:1.0.1:*:*:*:*:*:*:* |
| tincan | phplist | 1.1.2b | cpe:2.3:a:tincan:phplist:1.1.2b:*:*:*:*:*:*:* |
| tincan | phplist | 1.1.3b | cpe:2.3:a:tincan:phplist:1.1.3b:*:*:*:*:*:*:* |
| tincan | phplist | 1.1.4b | cpe:2.3:a:tincan:phplist:1.1.4b:*:*:*:*:*:*:* |
| tincan | phplist | 1.1.5 | cpe:2.3:a:tincan:phplist:1.1.5:*:*:*:*:*:*:* |
| tincan | phplist | 1.1.5b | cpe:2.3:a:tincan:phplist:1.1.5b:*:*:*:*:*:*:* |
| tincan | phplist | 1.1.6 | cpe:2.3:a:tincan:phplist:1.1.6:*:*:*:*:*:*:* |
| tincan | phplist | 1.1.7 | cpe:2.3:a:tincan:phplist:1.1.7:*:*:*:*:*:*:* |
References
Social References
More
Related
canvas
canvas
Immunity Canvas: PHPLIST_LFI
2009-01-12 20:00:00
prion
prion
Design/Logic Flaw
2009-01-12 20:00:00
dsquare
dsquare
phpList 2.10.7 LFI
2012-04-27 00:00:00
cvelist
cvelist
CVE-2008-5887
2009-01-12 19:27:00
nvd
nvd
CVE-2008-5887
2009-01-12 20:00:02
nessus
nessus
phpList cline Parameter Array Remote File Inclusion
2008-12-22 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.8
Confidence
Low
EPSS
0.006
Percentile
79.3%
Related for CVE-2008-5887