Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu mailman vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0202
Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and previous versions allows remote malicious users to read arbitrary files via ".../....///" sequences, which are not properly cleansed by regular expressions that are intended ...
Gnu Mailman 2.1.4
Gnu Mailman 2.1.5
Gnu Mailman 2.1b1
Gnu Mailman 2.1.2
Gnu Mailman 2.1.3
Gnu Mailman 2.1
Gnu Mailman 2.1.1
NA
CVE-2004-0412
Mailman prior to 2.1.5 allows remote malicious users to obtain user passwords via a crafted email request to the Mailman server.
Gnu Mailman 2.1b1
Gnu Mailman 2.1.1
Gnu Mailman 2.1.2
Gnu Mailman 2.1
Gnu Mailman 2.1.3
Gnu Mailman 2.1.4
NA
CVE-2001-0884
Cross-site scripting vulnerability in Mailman email archiver prior to 2.08 allows malicious users to obtain sensitive information or authentication credentials via a malicious link that is accessed by other web users.
Gnu Mailman 7.0
Gnu Mailman 5.1
Gnu Mailman 6.0
Gnu Mailman
Gnu Mailman 5.0
NA
CVE-2005-4153
Mailman 2.1.4 up to and including 2.1.6 allows remote malicious users to cause a denial of service via a message that causes the server to "fail with an Overflow on bad date data in a processed message," a different vulnerability than CVE-2005-3573.
Gnu Mailman 2.1.4
Gnu Mailman 2.1.5
Gnu Mailman 2.1.6
6.1
CVSSv3
CVE-2021-38354
The GNU-Mailman Integration WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the gm_error parameter found in the ~/includes/admin/mailing-lists-page.php file which allows malicious users to inject arbitrary web scripts, in versions up to and including 1.0.6.
Gnu-mailman Integration Project Gnu-mailman Integration
NA
CVE-2001-0290
Vulnerability in Mailman 2.0.1 and previous versions allows list administrators to obtain user passwords.
Gnu Mailman
NA
CVE-2003-0992
Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman prior to 2.1.3 allows remote malicious users to steal cookies of other users.
Gnu Mailman
NA
CVE-2006-2191
Format string vulnerability in Mailman prior to 2.1.9 allows malicious users to execute arbitrary code via unspecified vectors. NOTE: the vendor has disputed this vulnerability, stating that it is "unexploitable.
Gnu Mailman
NA
CVE-2001-1132
Mailman 2.0.x prior to 2.0.6 allows remote malicious users to gain access to list administrative pages when there is an empty site or list password, which is not properly handled during the call to the crypt function during authentication.
Gnu Mailman
6.5
CVSSv3
CVE-2018-13796
An issue exists in GNU Mailman prior to 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.
Gnu Mailman
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »