Every CVE whose affected-product data names Lyris List Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2007-6319 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to…
CVE-2005-4143 — CVSS 7.5 (high): SQL injection vulnerability in Lyris ListManager 5.0 through 8.9a allows remote attackers to execute arbitrary SQL commands via SQL code…
CVE-2005-4144 — CVSS 7.5 (high): Lyris ListManager 5.0 through 8.9a allows remote attackers to add "ORDER BY" columns to SQL queries via unusual whitespace characters in…
CVE-2006-4546 — CVSS 6.5 (medium): Lyris ListManager 8.95 allows remote authenticated users, who have administrative privileges for at least one list on the server, to add…
CVE-2006-4547 — CVSS 6.5 (medium): Lyris ListManager 8.95 allows remote authenticated users to obtain sensitive information by attempting to add a user with a ' (single…
CVE-2000-0758 — CVSS 4.6 (medium): The web interface for Lyris List Manager 3 and 4 allows list subscribers to obtain administrative access by modifying the value of the…
CVE-2008-2923 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in read/search/results in Lyris ListManager 8.8, 8.95, and 9.3d allows remote attackers to inject…
CVE-2014-5188 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in doemailpassword.tml in Lyris ListManager (LM) 8.95a allows remote attackers to inject arbitrary…