By HireHackking in HACKER
· 1 view
source: https://www.securityfocus.com/bid/49188/info
PHPList is prone to a security-bypass vulnerability and an information-disclosure vulnerability.
An attacker can exploit these issues to gain access to sensitive information and send arbitrary messages to registered users. Other attacks are also possible.
http://www.example.com/lists/?p=forward&uid=VALID_UID&mid=ID
http://www.example.com/lists/?p=forward&uid=foo&mid=ID
Recommended Comments