Vulnerability CVE-2012-3952

Vulnerability CVE-2012-3952

Published: 2012-08-11 Modified: 2012-08-12

Description:

	Topic	Author	Date
Med.	phpList 2.10.18 Cross Site Scripting / SQL Injection	High-Tech Bridge...	09.08.2012

Type:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
2.6/10	2.9/10	4.9/10

Affected software
Tincan -> Phplist

https://www.htbridge.com/advisory/HTB23100

http://xforce.iss.net/xforce/xfdb/77526

http://www.securityfocus.com/bid/54887

http://www.phplist.com/?lid=579

http://secunia.com/advisories/50150

http://osvdb.org/84482

http://archives.neohapsis.com/archives/bugtraq/2012-08/0059.html