CVE-2006-5321
published 2006-10-17CVE-2006-5321: Multiple cross-site scripting (XSS) vulnerabilities in phplist before 2.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified…
PriorityP413medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
1.12%
62.0th percentile
Multiple cross-site scripting (XSS) vulnerabilities in phplist before 2.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phplist | phplist | — | — |
| tincan | phplist | <= 2.10.2 | — |
| tincan | phplist | — | — |
| tincan | phplist | — | — |
| tincan | phplist | — | — |
| tincan | phplist | — | — |
| tincan | phplist | — | — |
| tincan | phplist | — | — |
| tincan | phplist | — | — |
| tincan | phplist | — | — |
| tincan | phplist | — | — |
| tincan | phplist | — | — |
| tincan | phplist | — | — |
| tincan | phplist | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-xvx6-9cq2-q2x7: Multiple cross-site scripting (XSS) vulnerabilities in phplist before 2
ghsa_unreviewed·2022-05-01
CVE-2006-5321 [MEDIUM] GHSA-xvx6-9cq2-q2x7: Multiple cross-site scripting (XSS) vulnerabilities in phplist before 2
Multiple cross-site scripting (XSS) vulnerabilities in phplist before 2.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
GHSA
GHSA-4rv5-cvr5-mg5p: Cross-site scripting (XSS) vulnerability in index
ghsa_unreviewed·2022-05-01·CVSS 4.3
CVE-2006-5524 [MEDIUM] GHSA-4rv5-cvr5-mg5p: Cross-site scripting (XSS) vulnerability in index
Cross-site scripting (XSS) vulnerability in index.php in phplist 2.10.2 allows remote attackers to inject arbitrary web script or HTML via the p parameter. NOTE: This issue might overlap CVE-2006-5321.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2006-10-17
Published