Summary
PHPList is prone to a security-bypass vulnerability and an information- disclosure vulnerability.
An attacker can exploit these issues to gain access to sensitive information and send arbitrary messages to registered users. Other attacks are also possible.
References