Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu mailman vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-0182
Mailman prior to 2.0.13 allows remote malicious users to cause a denial of service (crash) via an email message with an empty subject field.
Gnu Mailman
NA
CVE-2006-4624
CRLF injection vulnerability in Utils.py in Mailman prior to 2.1.9rc1 allows remote malicious users to spoof messages in the error log and possibly trick the administrator into visiting malicious URLs via CRLF sequences in the URI.
Gnu Mailman
NA
CVE-2003-0965
Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman prior to 2.1.4 allows remote malicious users to steal session cookies and conduct unauthorized activities.
Gnu Mailman
NA
CVE-2003-0992
Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman prior to 2.1.3 allows remote malicious users to steal cookies of other users.
Gnu Mailman
NA
CVE-2006-2191
Format string vulnerability in Mailman prior to 2.1.9 allows malicious users to execute arbitrary code via unspecified vectors. NOTE: the vendor has disputed this vulnerability, stating that it is "unexploitable.
Gnu Mailman
6.5
CVSSv3
CVE-2018-13796
An issue exists in GNU Mailman prior to 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.
Gnu Mailman
NA
CVE-2006-1712
Cross-site scripting (XSS) vulnerability in the private archive script (private.py) in GNU Mailman 2.1.7 allows remote malicious users to inject arbitrary web script or HTML via the action argument.
Gnu Mailman 2.1.7
NA
CVE-2003-0038
Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote malicious users to inject script or HTML into web pages via the (1) email or (2) language parameters.
Gnu Mailman 2.1
2 EDB exploits
NA
CVE-2002-0855
Cross-site scripting vulnerability in Mailman prior to 2.0.12 allows remote malicious users to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature.
Gnu Mailman 2.0.12
2 EDB exploits
NA
CVE-2000-0861
Mailman 1.1 allows list administrators to execute arbitrary commands via shell metacharacters in the %(listname) macro expansion.
Gnu Mailman 1.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »