Lucene search

Mailman Webmail Security Vulnerabilities

cve

CVE-1999-0850

The default permissions for Endymion MailMan allow local users to read email or modify files.

6.7AI Score

0.0004EPSS

2000-02-04 05:00 AM

cve

CVE-2001-0021

MailMan Webmail 3.0.25 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the alternate_template parameter.

7.7AI Score

0.082EPSS

2001-05-07 04:00 AM

cve

CVE-2002-0417

Directory traversal vulnerability in Endymion MailMan before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) and a null character in the ALTERNATE_TEMPLATES parameter for various mmstdo*.cgi programs.

7.1AI Score

0.01EPSS

2002-08-12 04:00 AM