Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webmin webmin vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-1999-1074
Webmin prior to 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote malicious users to gain privileges via brute force password cracking.
Webmin Webmin 0.22
Webmin Webmin 0.4
Webmin Webmin 0.31
Webmin Webmin 0.42
Webmin Webmin 0.21
Webmin Webmin 0.2
Webmin Webmin 0.41
Webmin Webmin 0.3
Webmin Webmin 0.1
7.2
CVSSv2
CVE-2001-1074
Webmin 0.84 and previous versions does not properly clear the HTTP_AUTHORIZATION environment variable when the web server is restarted, which makes authentication information available to all CGI programs and allows local users to gain privileges.
Webmin Webmin 0.7
Webmin Webmin 0.6
Webmin Webmin 0.83
Webmin Webmin 0.84
Webmin Webmin 0.80
Webmin Webmin 0.5
6.8
CVSSv2
CVE-2021-32157
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature.
Webmin Webmin 1.973
1 Github repository
6.8
CVSSv2
CVE-2021-32156
A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature.
Webmin Webmin 1.973
6.8
CVSSv2
CVE-2021-32159
A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Upload and Download feature.
Webmin Webmin 1.973
6.8
CVSSv2
CVE-2021-32162
A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager feature.
Webmin Webmin 1.973
6.8
CVSSv2
CVE-2021-31761
Webmin 1.973 is affected by reflected Cross Site Scripting (XSS) to achieve Remote Command Execution through Webmin's running process feature.
Webmin Webmin 1.973
2 Github repositories
6.8
CVSSv2
CVE-2021-31762
Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privileged user through Webmin's add users feature, and then get a reverse shell through Webmin's running process feature.
Webmin Webmin 1.973
2 Github repositories
6.8
CVSSv2
CVE-2021-31760
Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to achieve Remote Command Execution (RCE) through Webmin's running process feature.
Webmin Webmin 1.973
2 Github repositories
6.8
CVSSv2
CVE-2019-15641
xmlrpc.cgi in Webmin up to and including 1.930 allows authenticated XXE attacks. By default, only root, admin, and sysadm can access xmlrpc.cgi.
Webmin Webmin
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »