POC details: b7061f91ce9ddd1008344ab89b301f2a85b5bdc8

Source
Related vulnerability
Title: phpList security vulnerability (CVE-2025-28073)
Description: phpList is a full-featured open-source email marketing manager from phpList, used to create, send, integrate and analyse email campaigns and newsletters. phpList version 3.6.3 contains a security vulnerability caused by incorrect handling of the id parameter, which leads to reflected cross-site scripting.
Introduction
# CVE-2025-28073
[Suggested description]
phpList 3.6.3 is vulnerable to Reflected Cross-Site Scripting (XSS) via the /lists/dl.php endpoint. An attacker can inject arbitrary JavaScript code by manipulating the id parameter, which is improperly sanitized.

------------------------------------------

[Vulnerability Type]
Cross Site Scripting (XSS)

------------------------------------------

[Vendor of Product]
phpList

------------------------------------------

[Affected Product Code Base]
phpList - 3.6.15 (and possibly earlier versions)

------------------------------------------

[Affected Component]
phpList /lists/dl.php, phpList 3.6.15 (and possibly earlier versions)

------------------------------------------

[Attack Type]
Remote

------------------------------------------

[CVE Impact Other]
Session Hijacking, Credential Theft, Phishing Attacks, Arbitrary JavaScript Execution

------------------------------------------

[Attack Vectors]
This vulnerability is exploitable via a crafted URL containing malicious JavaScript code. A remote attacker can trick a victim into clicking a specially crafted link containing an XSS payload. When the victim accesses the vulnerable /lists/dl.php endpoint, the payload executes in their browser context. This may allow the attacker to steal session cookies, perform actions on behalf of the victim, or inject malicious content into the affected phpList instance.
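The advisory describes the attack vector as a crafted URL whose id parameter carries markup. The following added example (not part of the advisory or of phpList's own code) shows how a defender can scan web-server access logs for that pattern: it parses combined-format log lines, picks out requests to /lists/dl.php, decodes the id parameter (twice, to catch double-encoded probes) and flags values that are not a plain integer. The assumption that a legitimate id is a positive integer is an assumption about the endpoint, not a fact stated in the advisory; the log lines are constructed for the example.

```python
"""Scan access logs for reflected-XSS probes against phpList /lists/dl.php.

Added example, not from the advisory or the phpList code base.
Assumptions: combined-format access log lines, and that a legitimate
dl.php id is a plain positive integer (an assumption about the endpoint).
"""
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

# client ident user [time] "METHOD target HTTP/x" status ...
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

VULN_PATH = "/lists/dl.php"
ID_OK = re.compile(r"\d{1,10}")                # assumed shape of a legitimate id
MARKUP_CHARS = re.compile(r"[<>\"'`]")         # needed to break out of an HTML/JS context


def classify_id(raw_id):
    """Return 'ok', 'malformed' or 'markup' for one id value (already decoded once)."""
    value = unquote_plus(raw_id)               # second decode catches double-encoded probes
    if ID_OK.fullmatch(value):
        return "ok"
    if MARKUP_CHARS.search(value) or "javascript:" in value.lower():
        return "markup"
    return "malformed"


def inspect_request(target):
    """Classify one request target; None when it is not the vulnerable endpoint."""
    parts = urlsplit(target)
    if parts.path != VULN_PATH:
        return None
    ids = parse_qs(parts.query, keep_blank_values=True).get("id", [])
    if not ids:
        return "ok"                            # nothing supplied, nothing to reflect
    verdicts = [classify_id(v) for v in ids]
    if "markup" in verdicts:
        return "markup"
    if "malformed" in verdicts:
        return "malformed"
    return "ok"


def scan_log(lines):
    """Return (client, verdict, target) for every suspicious dl.php request."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue                           # not a combined-format line
        verdict = inspect_request(m.group("target"))
        if verdict in ("markup", "malformed"):
            findings.append((m.group("client"), verdict, m.group("target")))
    return findings


# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Apr/2025:10:00:01 +0000] "GET /lists/dl.php?id=3 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '10.0.0.9 - - [01/Apr/2025:10:00:07 +0000] "GET /lists/dl.php?id=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 734 "-" "Mozilla/5.0"',
    '10.0.0.9 - - [01/Apr/2025:10:00:09 +0000] "GET /lists/dl.php?id=%253Cscript%253E HTTP/1.1" 200 734 "-" "Mozilla/5.0"',
    '10.0.0.7 - - [01/Apr/2025:10:00:12 +0000] "GET /lists/dl.php?id=abc HTTP/1.1" 200 480 "-" "curl/8.0"',
    '10.0.0.8 - - [01/Apr/2025:10:00:15 +0000] "GET /lists/index.php?page=home&id=%3Cscript%3E HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    "garbage line that is not an access log entry",
]

if __name__ == "__main__":
    for client, verdict, target in scan_log(SAMPLE_LOG):
        print(f"{verdict:9s} {client:10s} {target}")
```

The same integer check is the server-side mitigation: a handler that casts id to an integer before use, and HTML-encodes anything it echoes back, has nothing left to reflect. Requests to other paths are deliberately ignored here so the rule stays specific to the affected component; a broader rule would treat any non-numeric id on any endpoint as suspicious.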

------------------------------------------

[Reference]

https://github.com/phpList/phplist3

https://cve.mitre.org

https://www.exploit-db.com

------------------------------------------

[Discoverer]
Pattharadech Soponrat
File snapshot

[4.0K] /data/pocs/b7061f91ce9ddd1008344ab89b301f2a85b5bdc8
└── [1.6K] README.md

0 directories, 1 file