Lucene search
K

8 matches found

CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

WordPress plugin Blocksy 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

8.8CVSS6.2AI score0.00849EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.35 views

AlmaLinux 8 : mailman:2.1 (ALSA-2021:4826)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:4826 advisory. mailman: CSRF token bypass allows to perform CSRF attacks and account takeover CVE-2021-42097 mailman: CSRF token derived from admin password allows offli...

8.5CVSS6.7AI score0.01289EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2021/11/02 12:0 a.m.27 views

Security update for mailman (important)

openSUSE Security Update: Security update for mailman Announcement ID: openSUSE-SU-2021:1436-1 Rating: important References: 1047218 1191959 1191960 Cross-References: CVE-2021-42096 CVE-2021-42097 CVSS scores: CVE-2021-42096 SUSE: 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2021-42097...

5.3CVSS7.2AI score0.01289EPSS
Exploits0References3
OSV
OSV
added 2021/10/21 1:15 a.m.1 views

CVE-2021-42097

GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrftoken value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin e.g., for account takeover...

8CVSS5.8AI score0.01289EPSS
Exploits0References4
OSV
OSV
added 2021/10/21 1:15 a.m.2 views

CVE-2021-42096

GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrftoken value is derived from the admin password, and may be useful in conducting a brute-force attack against that password...

4.3CVSS6.6AI score0.0121EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2021/10/21 12:40 a.m.24 views

CVE-2021-42096

Removed by vendor...

4.3CVSS6.6AI score0.0121EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2021/10/21 12:0 a.m.29 views

CVE-2021-42096

GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrftoken value is derived from the admin password, and may be useful in conducting a brute-force attack against that password...

4.3CVSS6.7AI score0.0121EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2021/10/21 12:0 a.m.2 views

PT-2021-23524 · Unknown +8 · Gnu Mailman +8

Name of the Vulnerable Software and Affected Versions: GNU Mailman versions prior to 2.1.35 Description: The issue allows remote Privilege Escalation. A csrf token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, an...

8.8CVSS6.7AI score0.02698EPSS
Exploits1References80
Rows per page
Query Builder