Total
44 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0855 | 1 Gnu | 1 Mailman | 2024-02-04 | 7.5 HIGH | N/A |
Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature. | |||||
CVE-2004-0412 | 1 Gnu | 1 Mailman | 2024-02-04 | 5.0 MEDIUM | N/A |
Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server. | |||||
CVE-2001-1132 | 1 Gnu | 1 Mailman | 2024-02-04 | 7.5 HIGH | N/A |
Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to list administrative pages when there is an empty site or list password, which is not properly handled during the call to the crypt function during authentication. | |||||
CVE-2003-0965 | 1 Gnu | 1 Mailman | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities. |