Ninjadesigns Mailist vulnerabilities
2 known vulnerabilities affecting ninjadesigns/mailist.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2009-0570P4MEDIUMCVSS 5.1PoCv3.02009-02-13
CVE-2009-0570 [MEDIUM] CWE-22 CVE-2009-0570: Directory traversal vulnerability in send.php in Ninja Designs Mailist 3.0, when register_globals is
Directory traversal vulnerability in send.php in Ninja Designs Mailist 3.0, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the load parameter. NOTE: some of these details are obtained from third party information.
nvd
CVE-2009-0571P4MEDIUMCVSS 5.0PoCv3.02009-02-13
CVE-2009-0571 [MEDIUM] CWE-264 CVE-2009-0571: admin.php in Ninja Designs Mailist 3.0 stores backup copies of maillist.php under the web root with
admin.php in Ninja Designs Mailist 3.0 stores backup copies of maillist.php under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to the backup directory.
nvd