EUVD-2020-22025

Malware in sbrugna...

EUVD-2020-19415

Malware in sbrugna...

EUVD-2020-3342

Malware in sbrugna...

EUVD-2008-1649

Malware in sbrugna...

EUVD-2018-1939

Malware in sbrugna...

EUVD-2004-1729

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-26932

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - debian/sympa.postinst for the Debian Sympa package before 6.2.40dfsg-7 uses mode 4755 for sympanewaliases-wrapper, whereas the intended permissions are mode 475...

The vulnerability of Sympa mailing list managers, related to the use of open redirection, allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Sympa mailing list manager is related to the use of open redirection. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of the protected information...

The vulnerability of Sympa mailing list managers, related to the lack of a mechanism for managing privileges, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Sympa mailing list manager is related to the lack of a mechanism for managing privileges. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and even cause service interruptions...

UBUNTU-CVE-2018-1000550

The Sympa Community Sympa version prior to version 6.2.32 contains a Directory Traversal vulnerability in wwsympa.fcgi template editing function that can result in Possibility to create or modify files on the server filesystem. This attack appear to be exploitable via HTTP GET/POST request. This...

CVE-2015-1306

The newsletter posting area in the web interface in Sympa 6.0.x before 6.0.10 and 6.1.x before 6.1.24 allows remote attackers to read arbitrary files via unspecified vectors...

Sympa <= 5.4.3 sympa.pl Local File Overwrite

Binary data 4626.prm...

Sympa < 5.4 Content-Type Header Remote DoS

Binary data 4454.prm...

CVE-2004-1735

Cross-site scripting XSS vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject arbitrary web script or HTML via the description field...

CVE-2004-1735

Cross-site scripting XSS vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject arbitrary web script or HTML via the description field...

CVE-2004-1735

Cross-site scripting XSS vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject arbitrary web script or HTML via the description field...

DEBIAN-CVE-2004-1735

Cross-site scripting XSS vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject arbitrary web script or HTML via the description field...

Sympa 4.x - New List HTML Injection

source: https://www.securityfocus.com/bid/10992/info An HTML injection vulnerability is reported in Sympa. The problem occurs due to a failure of the application to properly sanitize user-supplied input data. Unsuspecting users viewing the affected page will have attacker-supplied malicious code...