Description
Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.
Remediation
References
Related Vulnerabilities
phpMyAdmin Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-7251)
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2022-41414)
Liferay DXP Other Vulnerability (CVE-2023-33947)
WordPress Plugin Content Blocks (Custom Post Widget) Local File Inclusion (3.3.0)
MediaWiki Release of Invalid Pointer or Reference Vulnerability (CVE-2022-28203)