Vulnerabilities > Smartisoft > Phplistpro > 2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-05-22 | CVE-2006-2523 | Remote Security vulnerability in Smartisoft PHPlistpro 2.0 PHP remote file inclusion vulnerability in config.php in phpListPro 2.0.1 and earlier, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary PHP code via a URL in the Language cookie. | 7.5 |
| 2006-05-12 | CVE-2006-2323 | Remote Security vulnerability in Smartisoft PHPlistpro 2.0 Multiple PHP remote file inclusion vulnerabilities in SmartISoft phpListPro 2.01 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the returnpath parameter in (1) editsite.php, (2) addsite.php, and (3) in.php. | 5.1 |