Endymion Mailman Webmail — known CVE vulnerabilities
Every CVE whose affected-product data names Endymion Mailman Webmail, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2001-0021 — CVSS 10.0 (critical): MailMan Webmail 3.0.25 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the alternate_template…
CVE-2002-0417 — CVSS 5.0 (medium): Directory traversal vulnerability in Endymion MailMan before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) and a…
CVE-1999-0850 — CVSS 3.6 (low): The default permissions for Endymion MailMan allow local users to read email or modify files.