{"id":"CVE-2015-1306","details":"The newsletter posting area in the web interface in Sympa 6.0.x before 6.0.10 and 6.1.x before 6.1.24 allows remote attackers to read arbitrary files via unspecified vectors.","modified":"2026-04-10T03:45:05.656120Z","published":"2015-01-22T15:59:00Z","references":[{"type":"ADVISORY","url":"http://advisories.mageia.org/MGASA-2015-0085.html"},{"type":"ADVISORY","url":"http://secunia.com/advisories/62387"},{"type":"ADVISORY","url":"http://secunia.com/advisories/62442"},{"type":"ADVISORY","url":"http://www.debian.org/security/2015/dsa-3134"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:051"},{"type":"ADVISORY","url":"https://www.sympa.org/security_advisories"},{"type":"FIX","url":"https://www.sympa.org/security_advisories"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2015/01/20/4"},{"type":"WEB","url":"http://www.securityfocus.com/bid/72277"}],"schema_version":"1.7.5"}