CVSS: 6.1EPSS: 1%CPEs: 25EXPL: 0CVE-2004-1177
https://notcve.org/view.php?id=CVE-2004-1177
10 Jan 2005 — Cross-site scripting (XSS) vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=287555 •
CVSS: 9.8EPSS: 0%CPEs: 25EXPL: 0CVE-2004-1143
https://notcve.org/view.php?id=CVE-2004-1143
31 Dec 2004 — The password generation in mailman before 2.1.5 generates only 5 million unique passwords, which makes it easier for remote attackers to guess passwords via a brute force attack. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286796 •
CVSS: 7.5EPSS: 2%CPEs: 6EXPL: 0CVE-2004-0412
https://notcve.org/view.php?id=CVE-2004-0412
03 Jun 2004 — Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server. Mailman anteriores a 2.1.5 permiten a atacantes remotos obtener contraseñas de usuario mediante peticiones de correo electronico especialmente elaboradas. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000842 •