Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
usermin vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-41157
Multiple stored cross-site scripting (XSS) vulnerabilities in Usermin 2.000 allow remote malicious users to inject arbitrary web script or HTML via the folder name parameter while creating the folder to manage the folder tab, filter tab, and forward mail tab.
Webmin Usermin 2.000
5.4
CVSSv3
CVE-2023-40986
A stored cross-site scripting (XSS) vulnerability in the Usermin Configuration function of Webmin v2.100 allows malicious users to execute arbitrary web sripts or HTML via a crafted payload injected into the Custom field.
Webmin Webmin 2.100
5.4
CVSSv3
CVE-2023-41156
A Stored Cross-Site Scripting (XSS) vulnerability in the filter and forward mail tab in Usermin 2.001 allows remote malicious users to inject arbitrary web script or HTML via the save to new folder named field while creating a new filter.
Webmin Usermin 2.001
5.4
CVSSv3
CVE-2023-41159
A Stored Cross-Site Scripting (XSS) vulnerability while editing the autoreply file page in Usermin 2.000 allows remote malicious users to inject arbitrary web script or HTML by editing the forward file manually.
Webmin Usermin 2.000
5.4
CVSSv3
CVE-2023-41160
A Stored Cross-Site Scripting (XSS) vulnerability in the SSH configuration tab in Usermin 2.001 allows remote malicious users to inject arbitrary web script or HTML via the key name field while adding an authorized key.
Webmin Usermin 2.001
5.4
CVSSv3
CVE-2023-41152
A Stored Cross-Site Scripting (XSS) vulnerability in the MIME type programs tab in Usermin 2.000 allows remote malicious users to inject arbitrary web script or HTML via the handle program field while creating a new MIME type program.
Webmin Usermin 2.000
5.4
CVSSv3
CVE-2023-41154
A Stored Cross-Site Scripting (XSS) vulnerability in the scheduled cron jobs tab in Usermin 2.000 allows remote malicious users to inject arbitrary web script or HTML via the value field parameter while creating a new environment variable.
Webmin Usermin 2.000
5.4
CVSSv3
CVE-2023-41155
A Stored Cross-Site Scripting (XSS) vulnerability in the mail forwarding and replies tab in Webmin and Usermin 2.000 allows remote malicious users to inject arbitrary web script or HTML via the forward to field while creating a mail forwarding rule.
Webmin Webmin 2.000
Webmin Usermin 2.000
5.4
CVSSv3
CVE-2023-41158
A Stored Cross-Site Scripting (XSS) vulnerability in the MIME type programs tab in Usermin 2.000 allows remote malicious users to inject arbitrary web script or HTML via the description field while creating a new MIME type program.
Webmin Usermin 2.000
6.1
CVSSv3
CVE-2023-41162
A Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000 allows remote malicious users to inject arbitrary web script or HTML via the file mask field while searching under the tools drop down.
Webmin Usermin 2.000
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »