Mailman Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2015-2775
Directory traversal vulnerability in GNU Mailman before 2.1.20 when not using a static alias allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.