CVE-2005-4142
The web interface for subscribing new users in Lyris ListManager 5.0 through 8.8b, in combination with a line wrap feature, allows remote attackers to execute arbitrary list administration commands via LFCR %0A%0D sequences in the pw parameter. NOTE: it is not clear whether this is a variant of a...