NotCVE - vendor:"Gnu" product:"Mailman" version:"

Page 4 of 44 results (0.009 seconds)

CVSS: 6.1EPSS: 0%CPEs: 25EXPL: 0

CVE-2004-1177

https://notcve.org/view.php?id=CVE-2004-1177

10 Jan 2005 — Cross-site scripting (XSS) vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=287555 •

CVSS: 9.8EPSS: 1%CPEs: 25EXPL: 0

CVE-2004-1143

https://notcve.org/view.php?id=CVE-2004-1143

31 Dec 2004 — The password generation in mailman before 2.1.5 generates only 5 million unique passwords, which makes it easier for remote attackers to guess passwords via a brute force attack. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286796 •

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0

CVE-2004-0412

https://notcve.org/view.php?id=CVE-2004-0412

03 Jun 2004 — Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server. Mailman anteriores a 2.1.5 permiten a atacantes remotos obtener contraseñas de usuario mediante peticiones de correo electronico especialmente elaboradas. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000842 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2004-0182

https://notcve.org/view.php?id=CVE-2004-0182

17 Apr 2004 — Mailman before 2.0.13 allows remote attackers to cause a denial of service (crash) via an email message with an empty subject field. • ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc •

CVSS: 7.5EPSS: 1%CPEs: 21EXPL: 0

CVE-2003-0991

https://notcve.org/view.php?id=CVE-2003-0991

03 Mar 2004 — Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands. Vulnerabilidad desconocida en el manejador de instrucciones por correo en Mailman anteriores a 2.0.14 permite a atacantes remotos causar una denegación de servicio (caída) mediante instrucciones de correo electrónico malformadas. • ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2003-0992

https://notcve.org/view.php?id=CVE-2003-0992

15 Jan 2004 — Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman before 2.1.3 allows remote attackers to steal cookies of other users. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el scritp de creación de CGI en Mailman anteriores a 2.1.3 permite a atacantes remotos robar cookies de otros usuarios. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000842 •

CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 0

CVE-2003-0965

https://notcve.org/view.php?id=CVE-2003-0965

15 Jan 2004 — Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Mailman anteriores a 2.1.4 permite a atacantes remotos robar cookies de sesión y llevar a cabo actividades no autorizadas. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000842 •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2

CVE-2003-0038 – GNU Mailman 2.1 - 'email' Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2003-0038

29 Jan 2003 — Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the (1) email or (2) language parameters. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en options.py en Mailman 2.1 y anteriores permite a atacantes remotos inyectar script o HTML en páginas web mediante correo electrónico o parámetros de lenguaje. • https://www.exploit-db.com/exploits/22198 •

CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 3

CVE-2002-0855 – GNU Mailman 2.0.x - Admin Login Variant Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2002-0855

14 Aug 2002 — Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature. Vulnerabilidad de secuencias de comandos en sitios cruzados en Mailman 2.0.12 permite a atacantes remotos la ejecución de rutinas como otro usuario mediante las opciones de subscripción de la lista de subscriptores. • https://www.exploit-db.com/exploits/21642 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2002-0388 – GNU Mailman 2.0.x - Admin Login Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2002-0388

31 May 2002 — Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow remote attackers to execute script via (1) the admin login page, or (2) the Pipermail index summaries. • https://www.exploit-db.com/exploits/21480 •

1 2 3 4 5