Vulnerabilities > Lyris > List Manager > 8.95a
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-08-07 | CVE-2014-5188 | Cross-Site Scripting vulnerability in Lyris List Manager 8.95A Cross-site scripting (XSS) vulnerability in doemailpassword.tml in Lyris ListManager (LM) 8.95a allows remote attackers to inject arbitrary web script or HTML via the EmailAddr parameter. | 4.3 |
| 2008-02-19 | CVE-2007-6319 | Permissions, Privileges, and Access Controls vulnerability in Lyris List Manager Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating "new accounts that collide with existing accounts." | 10.0 |