CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

RedhatCVE•added 2025/05/22 11:26 p.m.•2 views

CVE-2022-40319

The LISTSERV 17 web interface allows remote attackers to conduct Insecure Direct Object References IDOR attacks via a modified email address in a wa.exe URL. The impact is unauthorized modification of a victim's LISTSERV account...

7.5CVSS7.3AI score0.31721EPSS

Exploits4References1

RedhatCVE•added 2025/05/22 10:9 p.m.•3 views

CVE-2022-39195

A cross-site scripting XSS vulnerability in the LISTSERV 17 web interface allows remote attackers to inject arbitrary JavaScript or HTML via the c parameter...

6.1CVSS5.6AI score0.09973EPSS

Exploits4References1

0day.today•added 2023/03/30 12:0 a.m.•493 views

LISTSERV 17 - Insecure Direct Object Reference (IDOR) Vulnerability

Exploit Title: LISTSERV 17 - Insecure Direct Object Reference IDOR Google Dork: inurl:/scripts/wa.exe Exploit Author: Shaunt Der-Grigorian Vendor Homepage: https://www.lsoft.com/ Software Link: https://www.lsoft.com/download/listserv.asp Version: 17 Tested on: Windows Server 2019 CVE :...

7.5CVSS7.6AI score0.31721EPSS

Exploits4

Exploit DB•added 2023/03/30 12:0 a.m.•157 views

LISTSERV 17 - Insecure Direct Object Reference (IDOR)

Exploit Title: LISTSERV 17 - Insecure Direct Object Reference IDOR Google Dork: inurl:/scripts/wa.exe Date: 12/02/2022 Exploit Author: Shaunt Der-Grigorian Vendor Homepage: https://www.lsoft.com/ Software Link: https://www.lsoft.com/download/listserv.asp Version: 17 Tested on: Windows Server 2019...

7.5CVSS7.6AI score0.31721EPSS

Exploits4

0day.today•added 2023/03/30 12:0 a.m.•265 views

LISTSERV 17 - Reflected Cross Site Scripting Vulnerability

Exploit Title: LISTSERV 17 - Reflected Cross Site Scripting XSS Google Dork: inurl:/scripts/wa.exe Exploit Author: Shaunt Der-Grigorian Vendor Homepage: https://www.lsoft.com/ Software Link: https://www.lsoft.com/download/listserv.asp Version: 17 Tested on: Windows Server 2019 CVE : CVE-2022-3919...

6.1CVSS6.4AI score0.09973EPSS

Exploits4

Exploit DB•added 2023/03/30 12:0 a.m.•197 views

LISTSERV 17 - Reflected Cross Site Scripting (XSS)

Exploit Title: LISTSERV 17 - Reflected Cross Site Scripting XSS Google Dork: inurl:/scripts/wa.exe Date: 12/01/2022 Exploit Author: Shaunt Der-Grigorian Vendor Homepage: https://www.lsoft.com/ Software Link: https://www.lsoft.com/download/listserv.asp Version: 17 Tested on: Windows Server 2019 CV...

6.1CVSS6.3AI score0.09973EPSS

Exploits4

0day.today•added 2023/01/18 12:0 a.m.•413 views

LISTSERV 17 Cross Site Scripting Vulnerability

Exploit Title: LISTSERV 17 - Reflected Cross Site Scripting XSS Exploit Author: Shaunt D Vendor Homepage: https://www.lsoft.com/ Version: 17 Tested on: Windows Server 2019 CVE : CVE-2022-39195 A reflected cross-site scripting XSS vulnerability in the LISTSERV 17 web interface allows remote...

6.1CVSS0.09973EPSS

Exploits4

0day.today•added 2023/01/18 12:0 a.m.•347 views

LISTSERV 17 Insecure Direct Object Reference Vulnerability

Exploit Title: LISTSERV 17 - Insecure Direct Object Reference IDOR Exploit Author: Shaunt D Vendor Homepage: https://www.lsoft.com/ Version: 17 Tested on: Windows Server 2019 CVE : CVE-2022-40319 Steps to replicate 1. Create two accounts on your LISTSERV 17 installation, logging into each one in ...

7.5CVSS0.3AI score0.31721EPSS

Exploits4

NVD•added 2023/01/17 9:15 p.m.•11 views

CVE-2022-39195

A cross-site scripting XSS vulnerability in the LISTSERV 17 web interface allows remote attackers to inject arbitrary JavaScript or HTML via the c parameter...

6.1CVSS5.9AI score0.09973EPSS

Exploits4References2

Prion•added 2023/01/17 9:15 p.m.•14 views

Design/Logic Flaw

5CVSS7.4AI score0.31721EPSS

Exploits4References2Affected Software1

Prion•added 2023/01/17 9:15 p.m.•12 views

Cross site scripting

A cross-site scripting XSS vulnerability in the LISTSERV 17 web interface allows remote attackers to inject arbitrary JavaScript or HTML via the c parameter...

5.8CVSS5.9AI score0.09973EPSS

Exploits4References2Affected Software1

Positive Technologies•added 2023/01/17 12:0 a.m.•3 views

PT-2023-13785 · L Soft · Listserv 17

Name of the Vulnerable Software and Affected Versions: LISTSERV 17 Description: The LISTSERV 17 web interface is affected by an issue that allows remote attackers to conduct Insecure Direct Object References IDOR attacks. This is achieved via a modified email address in a "wa.exe" URL, resulting ...

7.5CVSS7.4AI score0.31721EPSS

Exploits4References6

Packet Storm•added 2023/01/17 12:0 a.m.•256 views

LISTSERV 17 Insecure Direct Object Reference

7.8AI score0.31721EPSS

Exploits4

Cvelist•added 2023/01/17 12:0 a.m.•16 views

CVE-2022-39195

A cross-site scripting XSS vulnerability in the LISTSERV 17 web interface allows remote attackers to inject arbitrary JavaScript or HTML via the c parameter...

6.1AI score0.09973EPSS

Exploits4References2

Packet Storm•added 2023/01/17 12:0 a.m.•220 views

LISTSERV 17 Cross Site Scripting

0.09973EPSS

Exploits4

CVE•added 2023/01/17 12:0 a.m.•73 views

CVE-2022-39195

CVE-2022-39195 concerns LISTSERV 17 web interface vulnerability: a cross-site scripting (XSS) flaw allows remote attackers to inject arbitrary JavaScript/HTML via the c parameter. Exploitation could execute scripts in a user’s browser, potentially enabling cookie-based credential access or other ...

6.1CVSS5.8AI score0.09973EPSS

Exploits4References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by