CVE-2021-3188
First published: Thu Jan 21 2021(Updated: )
phpList 3.6.0 allows CSV injection, related to the email parameter, and /lists/admin/ exports.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| PHPList | =3.6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for phpList 3.6.0?
The vulnerability ID for phpList 3.6.0 is CVE-2021-3188.
What is the severity of CVE-2021-3188?
CVE-2021-3188 has a severity level of critical.
What is the affected software version for CVE-2021-3188?
The affected software version for CVE-2021-3188 is phpList 3.6.0.
What is CSV injection?
CSV injection is a type of attack that occurs when an attacker is able to insert malicious data into a CSV file, which can lead to the execution of arbitrary code.
How can I fix the vulnerability in phpList 3.6.0?
To fix the vulnerability in phpList 3.6.0, you should update to a version that is not affected by the vulnerability and follow any recommended security measures provided by the software vendor.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/phplist
- canonical/phplist
- version/phplist/3.6.0