Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
usermin usermin 1.070 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-0588
Cross-site scripting (XSS) vulnerability in the web mail module for Usermin 1.070 allows remote malicious users to insert arbitrary HTML and script via e-mail messages.
Usermin Usermin 1.070
NA
CVE-2004-0583
The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote malicious users to conduct a brute force attack to guess user IDs and passwords.
Usermin Usermin 1.070
Webmin Webmin 1.1.40
Debian Debian Linux 3.0
NA
CVE-2006-4246
Usermin prior to 1.220 (20060629) allows remote malicious users to read arbitrary files, possibly related to chfn/save.cgi not properly handling an empty shell parameter, which results in changing root's shell instead of the shell of a specified user.
Usermin Usermin 0.5
Usermin Usermin 0.6
Usermin Usermin 0.94
Usermin Usermin 0.95
Usermin Usermin 1.030
Usermin Usermin 1.040
Usermin Usermin 1.110
Usermin Usermin 1.120
Usermin Usermin 0.9
Usermin Usermin 0.91
Usermin Usermin 0.99
Usermin Usermin 1.000
Usermin Usermin 1.070
Usermin Usermin 1.080
Usermin Usermin 1.150
Usermin Usermin
Usermin Usermin 0.4
Usermin Usermin 0.92
Usermin Usermin 0.93
Usermin Usermin 1.010
Usermin Usermin 1.020
Usermin Usermin 1.090
NA
CVE-2004-1468
The web mail functionality in Usermin 1.x and Webmin 1.x allows remote malicious users to execute arbitrary commands via shell metacharacters in an e-mail message.
Usermin Usermin 1.000
Usermin Usermin 1.080
Webmin Webmin 1.0.00
Webmin Webmin 1.1.00
Webmin Webmin 1.1.10
Usermin Usermin 1.030
Usermin Usermin 1.040
Webmin Webmin 1.0.60
Webmin Webmin 1.0.70
Webmin Webmin 1.1.40
Webmin Webmin 1.1.50
Usermin Usermin 1.010
Usermin Usermin 1.020
Webmin Webmin 1.0.20
Webmin Webmin 1.0.50
Webmin Webmin 1.1.21
Webmin Webmin 1.1.30
Usermin Usermin 1.051
Usermin Usermin 1.060
Usermin Usermin 1.070
Webmin Webmin 1.0.80
Webmin Webmin 1.0.90
NA
CVE-2003-0101
miniserv.pl in (1) Webmin prior to 1.070 and (2) Usermin prior to 1.000 does not properly handle metacharacters such as line feeds and carriage returns (CRLF) in Base-64 encoded strings during Basic authentication, which allows remote malicious users to spoof a session ID and gai...
Usermin Usermin 0.6
Usermin Usermin 0.7
Usermin Usermin 0.96
Usermin Usermin 0.97
Usermin Usermin 0.4
Usermin Usermin 0.5
Usermin Usermin 0.93
Usermin Usermin 0.94
Usermin Usermin 0.95
Usermin Usermin 0.8
Usermin Usermin 0.9
Usermin Usermin 0.98
Usermin Usermin 0.99
Engardelinux Guardian Digital Webtool 1.2
Usermin Usermin 0.91
Usermin Usermin 0.92
Webmin Webmin 1.0.50
Webmin Webmin 1.0.60
1 EDB exploit
NA
CVE-2007-1276
Multiple cross-site scripting (XSS) vulnerabilities in chooser.cgi in Webmin prior to 1.330 and Usermin prior to 1.260 allow remote malicious users to inject arbitrary web script or HTML via a crafted filename.
Usermin Usermin 1.040
Usermin Usermin 1.051
Usermin Usermin 1.120
Usermin Usermin 1.130
Webmin Webmin 1.0.00
Webmin Webmin 1.0.10
Webmin Webmin 1.0.70
Webmin Webmin 1.0.80
Webmin Webmin 1.1.40
Webmin Webmin 1.1.50
Webmin Webmin 1.2.20
Usermin Usermin 1.020
Usermin Usermin 1.030
Usermin Usermin 1.100
Usermin Usermin 1.110
Usermin Usermin 1.240
Usermin Usermin 1.250
Webmin Webmin 1.0.51
Webmin Webmin 1.0.60
Webmin Webmin 1.1.21
Webmin Webmin 1.1.30
Usermin Usermin 1.060
NA
CVE-2004-0559
The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory.
Usermin Usermin 1.060
Usermin Usermin 1.070
Webmin Webmin 1.0.80
Webmin Webmin 1.0.90
Usermin Usermin 1.020
Usermin Usermin 1.030
Webmin Webmin 1.0.20
Webmin Webmin 1.0.50
Webmin Webmin 1.1.21
Webmin Webmin 1.1.30
Usermin Usermin 1.000
Usermin Usermin 1.010
Usermin Usermin 1.080
Webmin Webmin 1.0.00
Webmin Webmin 1.1.00
Webmin Webmin 1.1.10
Usermin Usermin 1.040
Usermin Usermin 1.051
Webmin Webmin 1.0.60
Webmin Webmin 1.0.70
Webmin Webmin 1.1.40
Webmin Webmin 1.1.50
NA
CVE-2005-1177
Unknown vulnerability in (1) Webmin and (2) Usermin prior to 1.200 causes Webmin to change permissions and ownership of configuration files, with unknown impact.
Usermin Usermin 0.8
Usermin Usermin 0.9
Usermin Usermin 0.98
Usermin Usermin 0.99
Usermin Usermin 1.060
Usermin Usermin 1.070
Usermin Usermin 1.140
Webmin Webmin 0.4
Webmin Webmin 0.93
Webmin Webmin 0.94
Webmin Webmin 1.0.10
Webmin Webmin 1.0.20
Webmin Webmin 1.0.90
Webmin Webmin 1.1.00
Usermin Usermin 0.4
Usermin Usermin 0.5
Usermin Usermin 0.93
Usermin Usermin 0.94
Usermin Usermin 1.020
Usermin Usermin 1.030
Usermin Usermin 1.100
Usermin Usermin 1.110
NA
CVE-2014-3883
Usermin prior to 1.600 allows remote malicious users to execute arbitrary operating-system commands via unspecified vectors related to a user action.
Webmin Usermin 1.510
Webmin Usermin 1.500
Webmin Usermin 1.490
Webmin Usermin 1.480
Webmin Usermin 1.470
Webmin Usermin 1.340
Webmin Usermin 1.330
Webmin Usermin 1.320
Webmin Usermin 1.310
Webmin Usermin 1.170
Webmin Usermin 1.160
Webmin Usermin 1.150
Webmin Usermin 1.140
Webmin Usermin 1.010
Webmin Usermin 1.000
Webmin Usermin 0.990
Webmin Usermin 0.980
Webmin Usermin 0.4
Webmin Usermin
Webmin Usermin 1.580
Webmin Usermin 1.570
Webmin Usermin 1.560
NA
CVE-2014-3884
Cross-site scripting (XSS) vulnerability in Usermin prior to 1.600 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2014-3924.
Webmin Usermin 1.570
Webmin Usermin 1.560
Webmin Usermin 1.550
Webmin Usermin 1.540
Webmin Usermin 1.400
Webmin Usermin 1.390
Webmin Usermin 1.380
Webmin Usermin 1.370
Webmin Usermin 1.230
Webmin Usermin 1.220
Webmin Usermin 1.210
Webmin Usermin 1.200
Webmin Usermin 1.070
Webmin Usermin 1.060
Webmin Usermin 1.051
Webmin Usermin 1.050
Webmin Usermin 1.040
Webmin Usermin 0.910
Webmin Usermin 0.90
Webmin Usermin 0.80
Webmin Usermin 0.7
Webmin Usermin 1.480
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »