Description

Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to list administrative pages when there is an empty site or list password, which is not properly handled during the call to the crypt function during authentication.

Remediation

References

CVE-2001-1132

Related Vulnerabilities

WordPress Plugin HTML5 Video Player-Best WordPress Video Player and Block SQL Injection (2.5.26)

jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18405)

MediaWiki Improper Authentication Vulnerability (CVE-2018-0505)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3544)

Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2023-35133)

Severity

High

Classification

CVE-2001-1132

Tags

Missing Update Known Vulnerabilities