Description
SQL injection vulnerability in admin/index.php in phpList before 2.10.19 allows remote administrators to execute arbitrary SQL commands via the delete parameter to the editattributes page.
Remediation
References
Related Vulnerabilities
Django URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-7233)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2355)
MySQL CVE-2013-1502 Vulnerability (CVE-2013-1502)
Liferay Portal Observable Discrepancy Vulnerability (CVE-2024-25146)
WordPress Plugin Lazy content Slider Cross-Site Request Forgery (3.4)