CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2025-43919
https://notcve.org/view.php?id=CVE-2025-43919
20 Apr 2025 — GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman (aka the private archive authentication endpoint) via the username parameter. GNU Mailman 2.1.39, tal como se incluye en cPanel (y WHM), permite a atacantes no autenticados leer archivos arbitrarios a través de directory traversal ../ en /mailman/private/mailman (también conocido como el endpoint de autenticación de archivo privado) mediante el ... • https://github.com/0NYX-MY7H/CVE-2025-43919 • CWE-24: Path Traversal: '../filedir' •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2025-43920
https://notcve.org/view.php?id=CVE-2025-43920
20 Apr 2025 — GNU Mailman 2.1.39, as bundled in cPanel (and WHM), in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line. GNU Mailman 2.1.39, incluido en cPanel (y WHM), permite a atacantes no autenticados ejecutar comandos arbitrarios del sistema operativo a través de metacaracteres de shell en la línea de asunto de un correo electrónico. GNU Mailman 2.1.39, as bundled in cPanel (and WHM), in certain external archiv... • https://github.com/0NYX-MY7H/CVE-2025-43920 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2025-43921
https://notcve.org/view.php?id=CVE-2025-43921
20 Apr 2025 — GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to create lists via the /mailman/create endpoint. GNU Mailman 2.1.39, incluido en cPanel (y WHM), permite a atacantes no autenticados crear listas a través del endpoint /mailman/create. GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel o... • https://github.com/0NYX-MY7H/CVE-2025-43921 • CWE-863: Incorrect Authorization •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-34337
https://notcve.org/view.php?id=CVE-2021-34337
15 Apr 2023 — An issue was discovered in Mailman Core before 3.3.5. An attacker with access to the REST API could use timing attacks to determine the value of the configured REST API password and then make arbitrary REST API calls. The REST API is bound to localhost by default, limiting the ability for attackers to exploit this, but can optionally be made to listen on other interfaces. • https://gitlab.com/mailman/mailman/-/commit/e4a39488c4510fcad8851217f10e7337a196bb51 • CWE-208: Observable Timing Discrepancy •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-44227 – mailman: CSRF token bypass allows to perform CSRF attacks and admin takeover
https://notcve.org/view.php?id=CVE-2021-44227
02 Dec 2021 — In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes. En GNU Mailman versiones anteriores a 2.1.38, un miembro o moderador de la lista puede conseguir un token de tipo CSRF y diseñar una petición de administración (usando ese token) para establecer una nueva contraseña de administrador o hacer otros cambios A Cross-Site Request Forgery (CSRF) attack can be performed in mailman due to a CS... • https://bugs.launchpad.net/mailman/+bug/1952384 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-43332 – Ubuntu Security Notice USN-5151-1
https://notcve.org/view.php?id=CVE-2021-43332
12 Nov 2021 — In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password. This could potentially be cracked by a moderator via an offline brute-force attack. En GNU Mailman versiones anteriores a 2.1.36, el token CSRF para la página Cgi/admindb.py admindb contiene una versión encriptada de la contraseña del administrador de la lista. Esto podría ser potencialmente descifrado por un moderador por medio de un ataque de fuerza bruta fuera de líne... • https://bugs.launchpad.net/mailman/+bug/1949403 • CWE-522: Insufficiently Protected Credentials •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2021-43331 – Ubuntu Security Notice USN-5151-1
https://notcve.org/view.php?id=CVE-2021-43331
12 Nov 2021 — In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS. En GNU Mailman versiones anteriores a 2.1.36, una URL diseñada para la página de opciones de usuario Cgi/options.py puede ejecutar JavaScript arbitrario para XSS It was discovered that Mailman incorrectly handled certain URL. An attacker could possibly use this issue to execute arbitrary code. It was discovered that Mailman incorrectly handled certain inputs. An attacker could possib... • https://bugs.launchpad.net/mailman/+bug/1949401 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.5EPSS: 1%CPEs: 2EXPL: 0CVE-2021-42097 – mailman: CSRF token bypass allows to perform CSRF attacks and account takeover
https://notcve.org/view.php?id=CVE-2021-42097
21 Oct 2021 — GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin (e.g., for account takeover). GNU Mailman versiones anteriores a 2.1.35, puede permitir una escalada de privilegios remota. Un valor csrf_token no es específico de una sola cuenta de usuario. • http://www.openwall.com/lists/oss-security/2021/10/21/4 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2021-42096 – mailman: CSRF token derived from admin password allows offline brute-force attack
https://notcve.org/view.php?id=CVE-2021-42096
21 Oct 2021 — GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password. GNU Mailman versiones anteriores a 2.1.35, puede permitir una Escalada de Privilegios remota. Un determinado valor de csrf_token es derivado de la contraseña del administrador, y puede ser útil para llevar a cabo un ataque de fuerza bruta contra esa contraseña Sensitive information is exposed to unprivilege... • http://www.openwall.com/lists/oss-security/2021/10/21/4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-38354 – GNU-Mailman Integration <= 1.0.6 Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2021-38354
09 Sep 2021 — The GNU-Mailman Integration WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the gm_error parameter found in the ~/includes/admin/mailing-lists-page.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.6. El plugin GNU-Mailman Integration de WordPress, es vulnerable a un ataque de tipo Cross-Site Scripting Reflejado por medio del parámetro gm_error encontrado en el archivo ~/includes/admin/mailing-lists-page.php que permite a atacantes inye... • https://plugins.trac.wordpress.org/browser/gnu-mailman-integration/trunk/includes/admin/mailing-lists-page.php?rev=859898#L34 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •