3 matches found
CVE-2019-15501
CVE-2019-15501 is a reflected cross-site scripting vulnerability in L-Soft LISTSERV prior to version 16.5-2018a. The flaw is triggered via the /scripts/wa.exe OK parameter, allowing an attacker to execute arbitrary JavaScript in the victim’s browser when the page is loaded. The CVE entry notes a ...
CVE-2023-27641
The CVE-2023-27641 vulnerability affects L-Soft LISTSERV, specifically wa.exe in LISTSERV 16.5 prior to version 17. The issue is a Cross-Site Scripting (XSS) flaw in the REPORT parameter (after z but before a) that can be triggered by a crafted URL. Impact described in connected sources includes ...
CVE-1999-0252
The CVE-1999-0252 entry concerns a buffer overflow in Listserv that allows arbitrary command execution. Connected sources corroborate: Red Hat and CVE ecosystems reference a buffer overflow in Listserv enabling arbitrary command execution. EUVD-1999-0252 adds a malware note, but no explicit vendo...