FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  450662
Date:      2017-09-26
Time:      13:20:00Z
Committer: swills

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
fd8bac56-c444-11e1-864b-001cc0877741phpList -- SQL injection and XSS vulnerability

Zero Science Lab reports:

Input passed via the parameter 'sortby' is not properly sanitised before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The param 'num' is vulnerable to a XSS issue where the attacker can execute arbitrary HTML and script code in a user's browser session in context of an affected site.


Discovery 2012-03-21
Entry 2012-07-02
phplist
le 2.10.17

CVE-2012-2740
CVE-2012-2741
52657
https://www.phplist.com/?lid=567
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5081.php