Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

usermin usermin 1.070 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2004-0588
Cross-site scripting (XSS) vulnerability in the web mail module for Usermin 1.070 allows remote malicious users to insert arbitrary HTML and script via e-mail messages.
Usermin Usermin 1.070
NA
CVE-2004-0583
The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote malicious users to conduct a brute force attack to guess user IDs and passwords.
Usermin Usermin 1.070Webmin Webmin 1.1.40Debian Debian Linux 3.0
NA
CVE-2006-4246
Usermin prior to 1.220 (20060629) allows remote malicious users to read arbitrary files, possibly related to chfn/save.cgi not properly handling an empty shell parameter, which results in changing root's shell instead of the shell of a specified user.
Usermin Usermin 0.5Usermin Usermin 0.6Usermin Usermin 0.94Usermin Usermin 0.95Usermin Usermin 1.030Usermin Usermin 1.040Usermin Usermin 1.110Usermin Usermin 1.120Usermin Usermin 0.9Usermin Usermin 0.91Usermin Usermin 0.99Usermin Usermin 1.000Usermin Usermin 1.070Usermin Usermin 1.080Usermin Usermin 1.150Usermin UserminUsermin Usermin 0.4Usermin Usermin 0.92Usermin Usermin 0.93Usermin Usermin 1.010Usermin Usermin 1.020Usermin Usermin 1.090
NA
CVE-2004-1468
The web mail functionality in Usermin 1.x and Webmin 1.x allows remote malicious users to execute arbitrary commands via shell metacharacters in an e-mail message.
Usermin Usermin 1.000Usermin Usermin 1.080Webmin Webmin 1.0.00Webmin Webmin 1.1.00Webmin Webmin 1.1.10Usermin Usermin 1.030Usermin Usermin 1.040Webmin Webmin 1.0.60Webmin Webmin 1.0.70Webmin Webmin 1.1.40Webmin Webmin 1.1.50Usermin Usermin 1.010Usermin Usermin 1.020Webmin Webmin 1.0.20Webmin Webmin 1.0.50Webmin Webmin 1.1.21Webmin Webmin 1.1.30Usermin Usermin 1.051Usermin Usermin 1.060Usermin Usermin 1.070Webmin Webmin 1.0.80Webmin Webmin 1.0.90
NA
CVE-2003-0101
miniserv.pl in (1) Webmin prior to 1.070 and (2) Usermin prior to 1.000 does not properly handle metacharacters such as line feeds and carriage returns (CRLF) in Base-64 encoded strings during Basic authentication, which allows remote malicious users to spoof a session ID and gai...
Usermin Usermin 0.6Usermin Usermin 0.7Usermin Usermin 0.96Usermin Usermin 0.97Usermin Usermin 0.4Usermin Usermin 0.5Usermin Usermin 0.93Usermin Usermin 0.94Usermin Usermin 0.95Usermin Usermin 0.8Usermin Usermin 0.9Usermin Usermin 0.98Usermin Usermin 0.99Engardelinux Guardian Digital Webtool 1.2Usermin Usermin 0.91Usermin Usermin 0.92Webmin Webmin 1.0.50Webmin Webmin 1.0.60
NA
CVE-2007-1276
Multiple cross-site scripting (XSS) vulnerabilities in chooser.cgi in Webmin prior to 1.330 and Usermin prior to 1.260 allow remote malicious users to inject arbitrary web script or HTML via a crafted filename.
Usermin Usermin 1.040Usermin Usermin 1.051Usermin Usermin 1.120Usermin Usermin 1.130Webmin Webmin 1.0.00Webmin Webmin 1.0.10Webmin Webmin 1.0.70Webmin Webmin 1.0.80Webmin Webmin 1.1.40Webmin Webmin 1.1.50Webmin Webmin 1.2.20Usermin Usermin 1.020Usermin Usermin 1.030Usermin Usermin 1.100Usermin Usermin 1.110Usermin Usermin 1.240Usermin Usermin 1.250Webmin Webmin 1.0.51Webmin Webmin 1.0.60Webmin Webmin 1.1.21Webmin Webmin 1.1.30Usermin Usermin 1.060
NA
CVE-2004-0559
The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory.
Usermin Usermin 1.060Usermin Usermin 1.070Webmin Webmin 1.0.80Webmin Webmin 1.0.90Usermin Usermin 1.020Usermin Usermin 1.030Webmin Webmin 1.0.20Webmin Webmin 1.0.50Webmin Webmin 1.1.21Webmin Webmin 1.1.30Usermin Usermin 1.000Usermin Usermin 1.010Usermin Usermin 1.080Webmin Webmin 1.0.00Webmin Webmin 1.1.00Webmin Webmin 1.1.10Usermin Usermin 1.040Usermin Usermin 1.051Webmin Webmin 1.0.60Webmin Webmin 1.0.70Webmin Webmin 1.1.40Webmin Webmin 1.1.50
NA
CVE-2005-1177
Unknown vulnerability in (1) Webmin and (2) Usermin prior to 1.200 causes Webmin to change permissions and ownership of configuration files, with unknown impact.
Usermin Usermin 0.8Usermin Usermin 0.9Usermin Usermin 0.98Usermin Usermin 0.99Usermin Usermin 1.060Usermin Usermin 1.070Usermin Usermin 1.140Webmin Webmin 0.4Webmin Webmin 0.93Webmin Webmin 0.94Webmin Webmin 1.0.10Webmin Webmin 1.0.20Webmin Webmin 1.0.90Webmin Webmin 1.1.00Usermin Usermin 0.4Usermin Usermin 0.5Usermin Usermin 0.93Usermin Usermin 0.94Usermin Usermin 1.020Usermin Usermin 1.030Usermin Usermin 1.100Usermin Usermin 1.110
NA
CVE-2014-3883
Usermin prior to 1.600 allows remote malicious users to execute arbitrary operating-system commands via unspecified vectors related to a user action.
Webmin Usermin 1.510Webmin Usermin 1.500Webmin Usermin 1.490Webmin Usermin 1.480Webmin Usermin 1.470Webmin Usermin 1.340Webmin Usermin 1.330Webmin Usermin 1.320Webmin Usermin 1.310Webmin Usermin 1.170Webmin Usermin 1.160Webmin Usermin 1.150Webmin Usermin 1.140Webmin Usermin 1.010Webmin Usermin 1.000Webmin Usermin 0.990Webmin Usermin 0.980Webmin Usermin 0.4Webmin UserminWebmin Usermin 1.580Webmin Usermin 1.570Webmin Usermin 1.560
NA
CVE-2014-3884
Cross-site scripting (XSS) vulnerability in Usermin prior to 1.600 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2014-3924.
Webmin Usermin 1.570Webmin Usermin 1.560Webmin Usermin 1.550Webmin Usermin 1.540Webmin Usermin 1.400Webmin Usermin 1.390Webmin Usermin 1.380Webmin Usermin 1.370Webmin Usermin 1.230Webmin Usermin 1.220Webmin Usermin 1.210Webmin Usermin 1.200Webmin Usermin 1.070Webmin Usermin 1.060Webmin Usermin 1.051Webmin Usermin 1.050Webmin Usermin 1.040Webmin Usermin 0.910Webmin Usermin 0.90Webmin Usermin 0.80Webmin Usermin 0.7Webmin Usermin 1.480
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionfirmwareCVE-2006-4304CVE-2024-32878CVE-2024-31502XSSCVE-2024-3059CVE-2024-33692CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook