Every CVE whose affected-product data names Lsoft Listserv, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2000-0425 — CVSS 10.0 (critical): Buffer overflow in the Web Archives component of L-Soft LISTSERV 1.8 allows remote attackers to execute arbitrary commands.
CVE-2000-0632 — CVSS 7.5 (high): Buffer overflow in the web archive component of L-Soft Listserv 1.8d and earlier allows remote attackers to execute arbitrary commands via…
CVE-2022-40319 — CVSS 7.5 (high): The LISTSERV 17 web interface allows remote attackers to conduct Insecure Direct Object References (IDOR) attacks via a modified email…
CVE-2005-1773 — CVSS 7.5 (high): Multiple unknown vulnerabilities in L-Soft LISTSERV 14.3, 1.8e, and 1.8d allow remote attackers to execute arbitrary code or cause a denial…
CVE-2006-1044 — CVSS 7.5 (high): Multiple buffer overflows in LISTSERV 14.3 and 14.4, including LISTSERV Lite and HPO, with the web archive interface enabled, allow remote…
CVE-2023-27641 — CVSS 6.1 (medium): The REPORT (after z but before a) parameter in wa.exe in L-Soft LISTSERV 16.5 before 17 allows an attacker to conduct XSS attacks via a…
CVE-2019-15501 — CVSS 6.1 (medium): Reflected cross site scripting (XSS) in L-Soft LISTSERV before 16.5-2018a exists via the /scripts/wa.exe OK parameter.
CVE-2022-39195 — CVSS 6.1 (medium): A cross-site scripting (XSS) vulnerability in the LISTSERV 17 web interface allows remote attackers to inject arbitrary JavaScript or HTML…
CVE-2010-2723 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in LISTSERV 15 and 16 allows remote attackers to inject arbitrary web script or HTML via the T…