Shodan
Vulnerabilities
Vulnerable Software
Lsoft:  >> Listserv  Security Vulnerabilities
CVE-2023-27641
The REPORT (after z but before a) parameter in wa.exe in L-Soft LISTSERV 16.5 before 17 allows an attacker to conduct XSS attacks via a crafted URL.
CVSS Score
6.1
EPSS Score
0.328
Published
2023-03-05
CVE-2022-39195
A cross-site scripting (XSS) vulnerability in the LISTSERV 17 web interface allows remote attackers to inject arbitrary JavaScript or HTML via the c parameter.
CVSS Score
6.1
EPSS Score
0.237
Published
2023-01-17
CVE-2022-40319
The LISTSERV 17 web interface allows remote attackers to conduct Insecure Direct Object References (IDOR) attacks via a modified email address in a wa.exe URL. The impact is unauthorized modification of a victim's LISTSERV account.
CVSS Score
7.5
EPSS Score
0.11
Published
2023-01-17
CVE-2019-15501
Reflected cross site scripting (XSS) in L-Soft LISTSERV before 16.5-2018a exists via the /scripts/wa.exe OK parameter.
CVSS Score
6.1
EPSS Score
0.152
Published
2019-08-26
CVE-2010-2723
Cross-site scripting (XSS) vulnerability in LISTSERV 15 and 16 allows remote attackers to inject arbitrary web script or HTML via the T parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Score
4.3
EPSS Score
0.003
Published
2010-07-13
CVE-2006-1044
Multiple buffer overflows in LISTSERV 14.3 and 14.4, including LISTSERV Lite and HPO, with the web archive interface enabled, allow remote attackers to execute arbitrary code via unknown attack vectors related to the WA CGI. NOTE: technical details will be released after the grace period has ended on 20060603.
CVSS Score
7.5
EPSS Score
0.251
Published
2006-03-07
CVE-2005-1773
Multiple unknown vulnerabilities in L-Soft LISTSERV 14.3, 1.8e, and 1.8d allow remote attackers to execute arbitrary code or cause a denial of service. NOTE: this candidate may be SPLIT in the future when more precise technical details become available.
CVSS Score
7.5
EPSS Score
0.02
Published
2005-05-31
CVE-2000-0632
Buffer overflow in the web archive component of L-Soft Listserv 1.8d and earlier allows remote attackers to execute arbitrary commands via a long query string.
CVSS Score
7.5
EPSS Score
0.018
Published
2000-07-17
CVE-2000-0425
Buffer overflow in the Web Archives component of L-Soft LISTSERV 1.8 allows remote attackers to execute arbitrary commands.
CVSS Score
10.0
EPSS Score
0.068
Published
2000-05-03
CVE-1999-0252
Buffer overflow in listserv allows arbitrary command execution.
CVSS Score
7.5
EPSS Score
0.009
Published
1997-01-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved