Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webmin webmin vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2002-0757
(1) Webmin 0.96 and (2) Usermin 0.90 with password timeouts enabled allow local and possibly remote malicious users to bypass authentication and gain privileges via certain control characters in the authentication information, which can force Webmin or Usermin to accept arbitrary...
Webmin Webmin 0.93
Webmin Webmin 0.94
Webmin Webmin 0.95
Webmin Webmin 0.96
Webmin Webmin 0.91
Webmin Webmin 0.92.1
Usermin Usermin 0.7
Usermin Usermin 0.8
Usermin Usermin 0.9
Webmin Webmin 0.92
668
VMScore
CVE-1999-1074
Webmin prior to 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote malicious users to gain privileges via brute force password cracking.
Webmin Webmin 0.2
Webmin Webmin 0.22
Webmin Webmin 0.42
Webmin Webmin 0.3
Webmin Webmin 0.31
Webmin Webmin 0.4
Webmin Webmin 0.41
Webmin Webmin 0.1
Webmin Webmin 0.21
660
VMScore
CVE-2012-2982
file/show.cgi in Webmin 1.590 and previous versions allows remote authenticated users to execute arbitrary commands via an invalid character in a pathname, as demonstrated by a | (pipe) character.
Gentoo Webmin 1.520
Gentoo Webmin 1.510
Gentoo Webmin 1.420
Gentoo Webmin 1.410
Gentoo Webmin 1.400
Gentoo Webmin 1.310
Gentoo Webmin 1.300
Gentoo Webmin 1.220
Gentoo Webmin 1.210
Gentoo Webmin
Gentoo Webmin 1.580
Gentoo Webmin 1.500
Gentoo Webmin 1.480
Gentoo Webmin 1.390
Gentoo Webmin 1.380
Gentoo Webmin 1.290
Gentoo Webmin 1.280
Gentoo Webmin 1.200
Gentoo Webmin 1.180
Gentoo Webmin 1.560
Gentoo Webmin 1.530
Gentoo Webmin 1.440
1 EDB exploit
17 Github repositories
641
VMScore
CVE-2001-1074
Webmin 0.84 and previous versions does not properly clear the HTTP_AUTHORIZATION environment variable when the web server is restarted, which makes authentication information available to all CGI programs and allows local users to gain privileges.
Webmin Webmin 0.6
Webmin Webmin 0.7
Webmin Webmin 0.5
Webmin Webmin 0.80
Webmin Webmin 0.83
Webmin Webmin 0.84
606
VMScore
CVE-2021-32156
A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature.
Webmin Webmin 1.973
606
VMScore
CVE-2021-32159
A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Upload and Download feature.
Webmin Webmin 1.973
606
VMScore
CVE-2021-32162
A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager feature.
Webmin Webmin 1.973
606
VMScore
CVE-2021-31760
Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to achieve Remote Command Execution (RCE) through Webmin's running process feature.
2 Github repositories
606
VMScore
CVE-2021-31761
Webmin 1.973 is affected by reflected Cross Site Scripting (XSS) to achieve Remote Command Execution through Webmin's running process feature.
Webmin Webmin 1.973
2 Github repositories
606
VMScore
CVE-2021-31762
Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privileged user through Webmin's add users feature, and then get a reverse shell through Webmin's running process feature.
Webmin Webmin 1.973
2 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »