Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webmin webmin vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-38304
An issue exists in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability exists in the Users and Groups functionality, allowing an malicious user to store a malicious payload in the Group Name field when creating a new group.
Webmin Webmin 2.021
NA
CVE-2023-38305
An issue exists in Webmin 2.021. The download functionality allows an malicious user to exploit a Cross-Site Scripting (XSS) vulnerability. By providing a crafted download path containing a malicious payload, an attacker can inject arbitrary code, which is then executed within th...
Webmin Webmin 2.021
NA
CVE-2023-38306
An issue exists in Webmin 2.021. A Cross-site Scripting (XSS) Bypass vulnerability exists in the file upload functionality. Normally, the application restricts the upload of certain file types such as .svg, .php, etc., and displays an error message if a prohibited file type is de...
Webmin Webmin 2.021
NA
CVE-2023-38307
An issue exists in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability exists in the Users and Groups functionality. The vulnerability occurs when an authenticated user adds a new user and inserts an XSS payload into the user's real name.
Webmin Webmin 2.021
NA
CVE-2023-38308
An issue exists in Webmin 2.021. A Cross-Site Scripting (XSS) vulnerability exists in the HTTP Tunnel functionality when handling third-party domain URLs. By providing a crafted URL from a third-party domain, an attacker can inject malicious code. leading to the execution of arbi...
Webmin Webmin 2.021
NA
CVE-2023-38309
An issue exists in Webmin 2.021. A Reflected Cross-Site Scripting (XSS) vulnerability exists in the package search functionality. The vulnerability allows an malicious user to inject a malicious payload in the "Search for Package" field, which gets reflected back in the...
Webmin Webmin 2.021
NA
CVE-2023-38310
An issue exists in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability exists in the configuration settings of the system logs functionality. The vulnerability allows an malicious user to store an XSS payload in the configuration settings of specific log files. This r...
Webmin Webmin 2.021
NA
CVE-2023-38311
An issue exists in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability exists in the System Logs Viewer functionality. The vulnerability allows an malicious user to store a malicious payload in the configuration field, triggering the execution of the payload when savi...
Webmin Webmin 2.021
NA
CVE-2022-3844
A vulnerability, which was classified as problematic, was found in Webmin 2.001. Affected is an unknown function of the file xterm/index.cgi. The manipulation leads to basic cross site scripting. It is possible to launch the attack remotely. Upgrading to version 2.003 is able to ...
Webmin Webmin 2.001
NA
CVE-2022-35132
Usermin up to and including 1.850 allows a remote authenticated user to execute OS commands via command injection in a filename for the GPG module.
Webmin Usermin
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »