2020-12-25 05:24:04
mitre
PUBLISHED
phpList 3.5.9 allows SQL injection by admins who provide a crafted fourth line of a file to the "Config - Import Administrators" page.