Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webmin vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-38306
An issue exists in Webmin 2.021. A Cross-site Scripting (XSS) Bypass vulnerability exists in the file upload functionality. Normally, the application restricts the upload of certain file types such as .svg, .php, etc., and displays an error message if a prohibited file type is de...
Webmin Webmin 2.021
5.4
CVSSv3
CVE-2023-38303
An issue exists in Webmin 2.021. One can exploit a stored Cross-Site Scripting (XSS) attack to achieve Remote Command Execution (RCE) through the Users and Group's real name parameter.
Webmin Webmin 2.021
6.1
CVSSv3
CVE-2023-38305
An issue exists in Webmin 2.021. The download functionality allows an malicious user to exploit a Cross-Site Scripting (XSS) vulnerability. By providing a crafted download path containing a malicious payload, an attacker can inject arbitrary code, which is then executed within th...
Webmin Webmin 2.021
5.4
CVSSv3
CVE-2023-38307
An issue exists in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability exists in the Users and Groups functionality. The vulnerability occurs when an authenticated user adds a new user and inserts an XSS payload into the user's real name.
Webmin Webmin 2.021
6.1
CVSSv3
CVE-2023-38308
An issue exists in Webmin 2.021. A Cross-Site Scripting (XSS) vulnerability exists in the HTTP Tunnel functionality when handling third-party domain URLs. By providing a crafted URL from a third-party domain, an attacker can inject malicious code. leading to the execution of arbi...
Webmin Webmin 2.021
6.1
CVSSv3
CVE-2023-38309
An issue exists in Webmin 2.021. A Reflected Cross-Site Scripting (XSS) vulnerability exists in the package search functionality. The vulnerability allows an malicious user to inject a malicious payload in the "Search for Package" field, which gets reflected back in the...
Webmin Webmin 2.021
5.4
CVSSv3
CVE-2023-38310
An issue exists in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability exists in the configuration settings of the system logs functionality. The vulnerability allows an malicious user to store an XSS payload in the configuration settings of specific log files. This r...
Webmin Webmin 2.021
5.4
CVSSv3
CVE-2023-38311
An issue exists in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability exists in the System Logs Viewer functionality. The vulnerability allows an malicious user to store a malicious payload in the configuration field, triggering the execution of the payload when savi...
Webmin Webmin 2.021
6.1
CVSSv3
CVE-2022-3844
A vulnerability, which was classified as problematic, was found in Webmin 2.001. Affected is an unknown function of the file xterm/index.cgi. The manipulation leads to basic cross site scripting. It is possible to launch the attack remotely. Upgrading to version 2.003 is able to ...
Webmin Webmin 2.001
8.8
CVSSv3
CVE-2022-35132
Usermin up to and including 1.850 allows a remote authenticated user to execute OS commands via command injection in a filename for the GPG module.
Webmin Usermin
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »