Vulnerabilities > Smartisoft > Phplistpro
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-05-22 | CVE-2006-2523 | Remote Security vulnerability in Smartisoft PHPlistpro 2.0 PHP remote file inclusion vulnerability in config.php in phpListPro 2.0.1 and earlier, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary PHP code via a URL in the Language cookie. | 7.5 |
| 2006-05-12 | CVE-2006-2323 | Remote Security vulnerability in Smartisoft PHPlistpro 2.0 Multiple PHP remote file inclusion vulnerabilities in SmartISoft phpListPro 2.01 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the returnpath parameter in (1) editsite.php, (2) addsite.php, and (3) in.php. | 5.1 |
| 2006-04-12 | CVE-2006-1749 | Code Injection vulnerability in Smartisoft PHPlistpro 2.01 PHP remote file inclusion vulnerability in config.php in phpListPro 2.0 and earlier allows remote attackers to execute arbitrary PHP code via the returnpath parameter. | 7.5 |