20 matches found
Open5GS Security Vulnerability
Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Open5GS versions 2.7.7 and earlier contain security vulnerabilities; these vulnerabilities stem from the function OpenAPIlistcreate in the SMF component, which may...
EUVD-2025-12590
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-43921
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third partie...
Ubuntu: Security Advisory (USN-7650-1)
The remote host is missing an update for the...
GNU Mailman Unauthorized List Creation Vulnerability (CNVD-2025-09676)
GNU Mailman is a free suite of software for managing e-mail discussions and e-mail lists from the American GNU community. An unauthorized list creation vulnerability exists in GNU Mailman, which stems from unauthorized creation of lists and could lead to resource abuse. No details of the...
SUSE CVE-2025-43921
GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used...
CVE-2025-43921
GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used...
CVE-2025-43921
GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used...
CVE-2025-43921
GNU Mailman 2.1.39 (bundled with cPanel/WHM) is vulnerable to unauthenticated creation of mailing lists via the /mailman/create endpoint. The root cause is missing access controls in the create CGI script, enabling arbitrary list creation by anyone. Impact described across sources includes potent...
GNU Mailman Security Vulnerability
GNU Mailman is a free suite of software for managing e-mail discussions and e-mail lists from the American GNU community. An unauthorized list creation vulnerability exists in GNU Mailman, which stems from unauthorized creation of lists and could lead to resource abuse. No details of the...
PT-2025-17399 · Unknown · Gnu Mailman
Name of the Vulnerable Software and Affected Versions: GNU Mailman version 2.1.39 Description: GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to create lists via the "/mailman/create" endpoint. Recommendations: For GNU Mailman version 2.1.39, consider disabling...
CVE-2024-48120
X2CRM v8.5 is vulnerable to a stored Cross-Site Scripting (XSS) in the "Opportunities" module. An attacker can inject malicious JavaScript code into the "Name" field when creating a list...
Clansphere CMS 2011.4 Cross Site Scripting
Exploit Title: Clansphere CMS 2011.4 - Stored Cross-Site Scripting XSS Exploit Author: Sinem Şahin Date: 2022-10-08 Vendor Homepage: https://www.csphere.eu/ Version: 2011.4 Tested on: Windows & XAMPP == Tutorial http://HOST/index.php?mod=buddys&action=create&id=925872 2- Write XSS Payload into th...
CVE-2017-2674
JBoss BRMS 6 and BPM Suite 6 before 6.4.3 are vulnerable to a stored XSS via several lists in Business Central. The flaw is due to lack of sanitation of user input when creating new lists. Remote, authenticated attackers that have privileges to create lists can store scripts in them, which are no...
business-central: Multiple stored XSS in task and process filters
JBoss BRMS 6 and BPM Suite 6 are vulnerable to a stored XSS via several lists in Business Central. The flaw is due to lack of sanitation of user input when creating new lists. Remote, authenticated attackers that have privileges to create lists can store scripts in them, which are not properly...
password_profiling
This plugin creates a list of possible passwords by reading responses and counting the most common words. Plugin type: Grep. Options: This plugin doesn't have any user configured options. Source: For more information about this plugin and the associated tests, there's always the source code to understa...
CVE-2011-1682
Multiple cross-site request forgery (CSRF) vulnerabilities in phpList 2.10.13 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) create a list or (2) insert cross-site scripting (XSS) sequences. NOTE: this issue exists because of an incomplete fix for...
Sympa < 4.1.2 List Creation Authentication Bypass
Sympa < 4.1.3 List Creation Description Field XSS
Sympa wwsympa.fcgi Unauthorised List Creation
According to its version number, the installation of Sympa on the remote host has an authentication flaw within the web interface. An attacker, exploiting this flaw, would be able to bypass security mechanisms and perform listmaster functions.