Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
listmanager vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2000-0863
Buffer overflow in listmanager earlier than 2.105.1 allows local users to gain additional privileges.
Listmanager Linux 2.100
Listmanager Linux 2.101
Listmanager Linux 2.99
Listmanager Linux
Listmanager Linux 2.102
Listmanager Linux 2.103
Listmanager Linux 2.97
Listmanager Linux 2.98
Listmanager Linux 2.104
Listmanager Linux 2.105.1
NA
CVE-2005-4142
The web interface for subscribing new users in Lyris ListManager 5.0 up to and including 8.8b, in combination with a line wrap feature, allows remote malicious users to execute arbitrary list administration commands via LFCR (%0A%0D) sequences in the pw parameter. NOTE: it is not...
Lyris Technologies Inc Listmanager 7.0
Lyris Technologies Inc Listmanager 8.0
Lyris Technologies Inc Listmanager 8.8a
Lyris Technologies Inc Listmanager 5.0
Lyris Technologies Inc Listmanager 6.0
NA
CVE-2005-4145
The MSDE version of Lyris ListManager 5.0 up to and including 8.9b configures the sa account in the database to use a password with a small search space ("lyris" and up to 5 digits, possibly from the process ID), which allows remote malicious users to gain access via a ...
Lyris Technologies Inc Listmanager 6.0
Lyris Technologies Inc Listmanager 7.0
Lyris Technologies Inc Listmanager 8.0
Lyris Technologies Inc Listmanager 8.8a
Lyris Technologies Inc Listmanager 5.0
1 EDB exploit
NA
CVE-2005-4146
Lyris ListManager prior to 8.9b allows remote malicious users to obtain sensitive information via a request to the TCLHTTPd status module, which provides sensitive server configuration information.
Lyris Technologies Inc Listmanager 8.0
Lyris Technologies Inc Listmanager 8.8a
Lyris Technologies Inc Listmanager 5.0
Lyris Technologies Inc Listmanager 6.0
Lyris Technologies Inc Listmanager 7.0
NA
CVE-2005-4147
The TCLHTTPd service in Lyris ListManager prior to 8.9b allows remote malicious users to obtain source code for arbitrary .tml (TCL) files via (1) a request with a trailing null byte (%00), which might also require (2) an authentication bypass step that involves a username with a...
Lyris Technologies Inc Listmanager 5.0
Lyris Technologies Inc Listmanager 6.0
Lyris Technologies Inc Listmanager 7.0
Lyris Technologies Inc Listmanager 8.0
Lyris Technologies Inc Listmanager 8.8a
NA
CVE-2005-4148
Lyris ListManager 8.5, and possibly other versions prior to 8.8, includes sensitive information in the env hidden variable, which allows remote malicious users to obtain information such as the installation path by requesting a non-existent page and reading the env variable from ...
Lyris Technologies Inc Listmanager 5.0
Lyris Technologies Inc Listmanager 6.0
Lyris Technologies Inc Listmanager 7.0
Lyris Technologies Inc Listmanager 8.0
Lyris Technologies Inc Listmanager 8.8a
NA
CVE-2005-4149
Lyris ListManager 8.8 up to and including 8.9b allows remote malicious users to obtain sensitive information by causing errors in TML scripts, such as via direct requests, which leaks the installation path, SQL queries, or product code in diagnostic messages.
Lyris Technologies Inc Listmanager 7.0
Lyris Technologies Inc Listmanager 8.0
Lyris Technologies Inc Listmanager 8.8a
Lyris Technologies Inc Listmanager 5.0
Lyris Technologies Inc Listmanager 6.0
NA
CVE-2005-4143
SQL injection vulnerability in Lyris ListManager 5.0 up to and including 8.9a allows remote malicious users to execute arbitrary SQL commands via SQL code after a numeric argument to a /read/attachment URL.
Lyris List Manager 5.0
Lyris List Manager 6.0
Lyris List Manager 7.0
Lyris List Manager 8.0
Lyris List Manager 8.8a
1 EDB exploit
NA
CVE-2014-5188
Cross-site scripting (XSS) vulnerability in doemailpassword.tml in Lyris ListManager (LM) 8.95a allows remote malicious users to inject arbitrary web script or HTML via the EmailAddr parameter.
Lyris List Manager 8.95a
NA
CVE-2008-2923
Cross-site scripting (XSS) vulnerability in read/search/results in Lyris ListManager 8.8, 8.95, and 9.3d allows remote malicious users to inject arbitrary web script or HTML via the words parameter.
Lyris List Manager 8.8
Lyris List Manager 8.95
Lyris List Manager 9.3d
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »