This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Mlmmj First view 2010-08-02
Product Mlmmj Last view 2010-08-02
Version 1.2.15 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:mlmmj:mlmmj

Activity : Overall

Related : CVE

  Date Alert Description
6.5 2010-08-02 CVE-2009-4896

Multiple directory traversal vulnerabilities in the mlmmj-php-admin web interface for Mailing List Managing Made Joyful (mlmmj) 1.2.15 through 1.2.17 allow remote authenticated users to overwrite, create, or delete arbitrary files, or determine the existence of arbitrary directories, via a .. (dot dot) in a list name in a (1) edit or (2) save action.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...

Open Source Vulnerability Database (OSVDB)

id Description
66515 mlmmj on Debian Administrative Interface Traversal Arbitrary File Deletion

OpenVAS Exploits

id Description
2010-08-21 Name : Debian Security Advisory DSA 2073-1 (mlmmj)
File : nvt/deb_2073_1.nasl

Nessus® Vulnerability Scanner

id Description
2014-12-15 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201412-08.nasl - Type: ACT_GATHER_INFO
2010-07-22 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-2073.nasl - Type: ACT_GATHER_INFO