Related information

Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)

[SA17537] Dev-Editor Virtual Root Directory Restriction Bypass

[SA17470] OcoMon Unspecified SQL Injection Vulnerabilities

[Full-disclosure] phpBB 2.0.18 SQL Query problem

[SA17441] phpSysInfo "register_global s" Emulation Layer Overwrite Vulnerability

From:	tk_(at)_trapkit.de <tk_(at)_trapkit.de>
Date:	08.11.2005
Subject:	[TKADV2005-11-001] Multiple vulnerabilities in PHPlist

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Advisory:            Multiple vulnerabilities in PHPlist           
Name:                TKADV2005-11-001
Revision:            1.0              
Release Date:        2005/11/07
Last Modified:       2005/11/07
Author:              Tobias Klein (tk at trapkit.de)
Affected Software:   PHPlist (all versions <= 2.10.1)
Risk:                Critical ( ) High (x) Medium (x) Low (x)
Vendor URL:          http://www.phplist.com/
Vendor Status:       Vendor has released an updated version         

                   
=========
Overview:
=========

 PHPlist is a double opt-in newsletter manager. It is written in
 PHP and uses a SQL database for storing the information.

 Version 2.10.1 and prior contain multiple Cross Site Scripting
 and SQL Injection vulnerabilities. Furthermore it is possible to
 access and read arbitrary system files through a vulnerability in
 PHPlist.


=========
Solution:
=========

 Upgrade to PHPlist 2.10.2 or newer.
 
 http://www.phplist.com/files/
 

For more technical details see:

 http://www.trapkit.de/advisories/TKADV2005-11-001.txt


-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBQ2+xMpF8YHACG4RBEQLokQCg7cyW6AfrNYY7WZ06mPBrH3uos/cAn06l
roUuWofKu3koFc4l62Za1mEY
=rRgy
-----END PGP SIGNATURE-----