Arbitrary File Execution via Directory Traversal in GNU Mailman
CVE-2015-2775 · HIGH Severity
AV:N/AC:H/AU:N/C:C/I:C/A:C
Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.
Learn more about our Web Application Penetration Testing UK.