Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
usermin usermin 1.150 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-3042
miniserv.pl in Webmin prior to 1.230 and Usermin prior to 1.160, when "full PAM conversations" is enabled, allows remote malicious users to bypass authentication by spoofing session IDs via certain metacharacters (line feed or carriage return).
Webmin Webmin 1.2.20
Usermin Usermin 1.150
NA
CVE-2006-4246
Usermin prior to 1.220 (20060629) allows remote malicious users to read arbitrary files, possibly related to chfn/save.cgi not properly handling an empty shell parameter, which results in changing root's shell instead of the shell of a specified user.
Usermin Usermin 0.5
Usermin Usermin 0.6
Usermin Usermin 0.94
Usermin Usermin 0.95
Usermin Usermin 1.030
Usermin Usermin 1.040
Usermin Usermin 1.110
Usermin Usermin 1.120
Usermin Usermin 0.9
Usermin Usermin 0.91
Usermin Usermin 0.99
Usermin Usermin 1.000
Usermin Usermin 1.070
Usermin Usermin 1.080
Usermin Usermin 1.150
Usermin Usermin
Usermin Usermin 0.4
Usermin Usermin 0.92
Usermin Usermin 0.93
Usermin Usermin 1.010
Usermin Usermin 1.020
Usermin Usermin 1.090
NA
CVE-2007-1276
Multiple cross-site scripting (XSS) vulnerabilities in chooser.cgi in Webmin prior to 1.330 and Usermin prior to 1.260 allow remote malicious users to inject arbitrary web script or HTML via a crafted filename.
Usermin Usermin 1.040
Usermin Usermin 1.051
Usermin Usermin 1.120
Usermin Usermin 1.130
Webmin Webmin 1.0.00
Webmin Webmin 1.0.10
Webmin Webmin 1.0.70
Webmin Webmin 1.0.80
Webmin Webmin 1.1.40
Webmin Webmin 1.1.50
Webmin Webmin 1.2.20
Usermin Usermin 1.020
Usermin Usermin 1.030
Usermin Usermin 1.100
Usermin Usermin 1.110
Usermin Usermin 1.240
Usermin Usermin 1.250
Webmin Webmin 1.0.51
Webmin Webmin 1.0.60
Webmin Webmin 1.1.21
Webmin Webmin 1.1.30
Usermin Usermin 1.060
NA
CVE-2014-3884
Cross-site scripting (XSS) vulnerability in Usermin prior to 1.600 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2014-3924.
Webmin Usermin 1.570
Webmin Usermin 1.560
Webmin Usermin 1.550
Webmin Usermin 1.540
Webmin Usermin 1.400
Webmin Usermin 1.390
Webmin Usermin 1.380
Webmin Usermin 1.370
Webmin Usermin 1.230
Webmin Usermin 1.220
Webmin Usermin 1.210
Webmin Usermin 1.200
Webmin Usermin 1.070
Webmin Usermin 1.060
Webmin Usermin 1.051
Webmin Usermin 1.050
Webmin Usermin 1.040
Webmin Usermin 0.910
Webmin Usermin 0.90
Webmin Usermin 0.80
Webmin Usermin 0.7
Webmin Usermin 1.480
NA
CVE-2014-3883
Usermin prior to 1.600 allows remote malicious users to execute arbitrary operating-system commands via unspecified vectors related to a user action.
Webmin Usermin 1.510
Webmin Usermin 1.500
Webmin Usermin 1.490
Webmin Usermin 1.480
Webmin Usermin 1.470
Webmin Usermin 1.340
Webmin Usermin 1.330
Webmin Usermin 1.320
Webmin Usermin 1.310
Webmin Usermin 1.170
Webmin Usermin 1.160
Webmin Usermin 1.150
Webmin Usermin 1.140
Webmin Usermin 1.010
Webmin Usermin 1.000
Webmin Usermin 0.990
Webmin Usermin 0.980
Webmin Usermin 0.4
Webmin Usermin
Webmin Usermin 1.580
Webmin Usermin 1.570
Webmin Usermin 1.560
NA
CVE-2006-4542
Webmin prior to 1.296 and Usermin prior to 1.226 do not properly handle a URL with a null ("%00") character, which allows remote malicious users to conduct cross-site scripting (XSS), read CGI program source code, list directories, and possibly execute programs.
Usermin Usermin 0.7
Usermin Usermin 0.4
Usermin Usermin 0.92
Usermin Usermin 0.93
Usermin Usermin 0.94
Usermin Usermin 1.010
Usermin Usermin 1.020
Usermin Usermin 1.090
Usermin Usermin 1.100
Webmin Webmin 0.1
Webmin Webmin 0.2
Webmin Webmin 0.21
Webmin Webmin 0.5
Webmin Webmin 0.51
Webmin Webmin 0.80
Webmin Webmin 0.83
Webmin Webmin 0.93
Webmin Webmin 0.94
Webmin Webmin 1.0.10
Webmin Webmin 1.0.20
Webmin Webmin 1.0.80
Webmin Webmin 1.0.90
NA
CVE-2009-4568
Cross-site scripting (XSS) vulnerability in Webmin prior to 1.500 and Usermin prior to 1.430 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Webmin Webmin 0.3
Webmin Webmin 0.22
Webmin Webmin 0.7
Webmin Webmin 0.6
Webmin Webmin 0.970
Webmin Webmin 0.980
Webmin Webmin 0.51
Webmin Webmin 0.5
Webmin Webmin 0.83
Webmin Webmin 0.80
Webmin Webmin 0.2
Webmin Webmin 0.21
Webmin Webmin 1.370
Webmin Webmin 1.2.30
Webmin Webmin 1.2.60
Webmin Webmin 1.3.30
Webmin Webmin 1.337
Webmin Webmin 1.0.30
Webmin Webmin 1.1.00
Webmin Webmin 1.0.90
Webmin Webmin 0.84
Webmin Webmin 0.85
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started