CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
EPSS
Percentile
73.5%
Multiple directory traversal vulnerabilities in the mlmmj-php-admin web
interface for Mailing List Managing Made Joyful (mlmmj) 1.2.15 through
1.2.17 allow remote authenticated users to overwrite, create, or delete
arbitrary files, or determine the existence of arbitrary directories, via a
… (dot dot) in a list name in a (1) edit or (2) save action.