Lucene search
HistoryOct 01, 2012 - 8:55 p.m.
CVE-2012-5228
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.003
Percentile
69.8%
Cross-site scripting (XSS) vulnerability in admin/index.php in phplist 2.10.9, 2.10.17, and possibly other versions before 2.10.19 allows remote attackers to inject arbitrary web script or HTML via the testtarget parameter. NOTE: some of these details are obtained from third party information.
Affected configurations
Node
tincanphplistRange≤2.10.18
ORtincanphplistMatch1.0
ORtincanphplistMatch1.0.1
ORtincanphplistMatch1.1.2b
ORtincanphplistMatch1.1.3b
ORtincanphplistMatch1.1.4b
ORtincanphplistMatch1.1.5
ORtincanphplistMatch1.1.5b
ORtincanphplistMatch1.1.6
ORtincanphplistMatch1.1.7
ORtincanphplistMatch1.3.5
ORtincanphplistMatch1.3.7
ORtincanphplistMatch1.4.1
ORtincanphplistMatch1.5.0
ORtincanphplistMatch1.5.1
ORtincanphplistMatch1.6.0
ORtincanphplistMatch1.6.1
ORtincanphplistMatch1.6.3
ORtincanphplistMatch1.6.4
ORtincanphplistMatch1.7.0
ORtincanphplistMatch1.7.1
ORtincanphplistMatch1.8.0
ORtincanphplistMatch1.9.0
ORtincanphplistMatch1.9.1
ORtincanphplistMatch1.9.2
ORtincanphplistMatch1.9.3
ORtincanphplistMatch2.1.0
ORtincanphplistMatch2.1.1
ORtincanphplistMatch2.1.3
ORtincanphplistMatch2.1.4
ORtincanphplistMatch2.2.0
ORtincanphplistMatch2.2.1
ORtincanphplistMatch2.3.0
ORtincanphplistMatch2.3.1
ORtincanphplistMatch2.3.2
ORtincanphplistMatch2.3.3
ORtincanphplistMatch2.3.4
ORtincanphplistMatch2.4.0
ORtincanphplistMatch2.4.7
ORtincanphplistMatch2.5.0
ORtincanphplistMatch2.5.1
ORtincanphplistMatch2.5.2
ORtincanphplistMatch2.5.3
ORtincanphplistMatch2.5.4
ORtincanphplistMatch2.5.5
ORtincanphplistMatch2.5.6
ORtincanphplistMatch2.5.7
ORtincanphplistMatch2.5.8
ORtincanphplistMatch2.6
ORtincanphplistMatch2.6.0
ORtincanphplistMatch2.6.1
ORtincanphplistMatch2.6.2
ORtincanphplistMatch2.6.3
ORtincanphplistMatch2.6.4
ORtincanphplistMatch2.6.5
ORtincanphplistMatch2.7.1
ORtincanphplistMatch2.7.2
ORtincanphplistMatch2.8.2
ORtincanphplistMatch2.8.7
ORtincanphplistMatch2.8.12
ORtincanphplistMatch2.9.3
ORtincanphplistMatch2.9.4
ORtincanphplistMatch2.9.5
ORtincanphplistMatch2.10.1
ORtincanphplistMatch2.10.2
ORtincanphplistMatch2.10.3
ORtincanphplistMatch2.10.4
ORtincanphplistMatch2.10.5
ORtincanphplistMatch2.10.6
ORtincanphplistMatch2.10.7
ORtincanphplistMatch2.10.8
ORtincanphplistMatch2.10.9
ORtincanphplistMatch2.10.10
ORtincanphplistMatch2.10.11
ORtincanphplistMatch2.10.12
ORtincanphplistMatch2.10.13
ORtincanphplistMatch2.10.14
ORtincanphplistMatch2.10.15
ORtincanphplistMatch2.10.16
ORtincanphplistMatch2.10.17
ORtincanphplistMatch2.10.19
| Vendor | Product | Version | CPE |
|---|---|---|---|
| tincan | phplist | * | cpe:2.3:a:tincan:phplist:*:*:*:*:*:*:*:* |
| tincan | phplist | 1.0 | cpe:2.3:a:tincan:phplist:1.0:*:*:*:*:*:*:* |
| tincan | phplist | 1.0.1 | cpe:2.3:a:tincan:phplist:1.0.1:*:*:*:*:*:*:* |
| tincan | phplist | 1.1.2b | cpe:2.3:a:tincan:phplist:1.1.2b:*:*:*:*:*:*:* |
| tincan | phplist | 1.1.3b | cpe:2.3:a:tincan:phplist:1.1.3b:*:*:*:*:*:*:* |
| tincan | phplist | 1.1.4b | cpe:2.3:a:tincan:phplist:1.1.4b:*:*:*:*:*:*:* |
| tincan | phplist | 1.1.5 | cpe:2.3:a:tincan:phplist:1.1.5:*:*:*:*:*:*:* |
| tincan | phplist | 1.1.5b | cpe:2.3:a:tincan:phplist:1.1.5b:*:*:*:*:*:*:* |
| tincan | phplist | 1.1.6 | cpe:2.3:a:tincan:phplist:1.1.6:*:*:*:*:*:*:* |
| tincan | phplist | 1.1.7 | cpe:2.3:a:tincan:phplist:1.1.7:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2012-5228
2012-10-01 20:00:00
cve
cve
CVE-2012-5228
2012-10-01 20:55:04
prion
prion
Cross site scripting
2012-10-01 20:55:00
exploitdb
exploitdb
phpList 2.10.9 - Cross-Site Request Forgery / Cross-Site Scripting
2012-01-26 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.003
Percentile
69.8%
Related for NVD:CVE-2012-5228