CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Endymion: >> Mailman Webmail >> 3.0.20 Security Vulnerabilities

CVE-2002-0417

Directory traversal vulnerability in Endymion MailMan before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) and a null character in the ALTERNATE_TEMPLATES parameter for various mmstdo*.cgi programs.

CVSS Score

5.0

EPSS Score

0.012

Published

2002-08-12

CVE-2001-0021

MailMan Webmail 3.0.25 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the alternate_template parameter.

CVSS Score

10.0

EPSS Score

0.095

Published

2001-02-16

Page 1

Vulnerabilities

Vulnerable Software

Endymion: >> Mailman Webmail >> 3.0.20 Security Vulnerabilities

Products

Pricing

Contact Us