Description
SQL injection vulnerability in public_html/lists/admin in phpList before 2.10.18 allows remote attackers to execute arbitrary SQL commands via the sortby parameter in a find action.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP-Paginate Cross-Site Scripting (1.2.1)
PostgreSQL Improper Certificate Validation Vulnerability (CVE-2021-43766)
MyBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-0788)
WebLogic Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2021-27568)
PHP Use of Externally-Controlled Format String Vulnerability (CVE-2010-2950)