Description

Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to list administrative pages when there is an empty site or list password, which is not properly handled during the call to the crypt function during authentication.

Remediation

References

CVE-2001-1132

Related Vulnerabilities

Moodle Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-9186)

WordPress Plugin ClickSold IDX Cross-Site Scripting (1.48)

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0287)

WordPress Plugin Yoast SEO Cross-Site Scripting (22.6)

WordPress 5.5.x Directory Traversal (5.5 - 5.5.14)

Severity

High

Classification

CVE-2001-1132

Tags

Missing Update Known Vulnerabilities