Description
A vulnerability was found in PHPList 3.2.6. It has been classified as critical. Affected is an unknown function of the file /lists/admin/ of the component Sending Campain. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.3.1 is able to address this issue. It is recommended to upgrade the affected component.
Remediation
References
Related Vulnerabilities
MySQL CVE-2016-5609 Vulnerability (CVE-2016-5609)
WordPress Plugin Stop User Enumeration User Enumeration (1.3.4)
WordPress Plugin PAYPAL CURRENCY CONVERTER BASIC FOR WOOCOMMERCE Arbitrary File Disclosure (1.3)
GlassFish CVE-2010-2397 Vulnerability (CVE-2010-2397)
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-7233)