Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webmin webmin vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2022-36880
The Read Mail module in Webmin 1.995 and Usermin up to and including 1.850 allows XSS via a crafted HTML e-mail message.
Webmin Usermin
Webmin Webmin 1.995
1 Github repository
NA
CVE-2022-36446
software/apt-lib.pl in Webmin prior to 1.997 lacks HTML escaping for a UI command.
Webmin Webmin
4 Github repositories
6.5
CVSSv2
CVE-2022-30708
Webmin up to and including 1.991, when the Authentic theme is used, allows remote code execution when a user has been manually created (i.e., not created in Virtualmin or Cloudmin). This occurs because settings-editor_write.cgi does not properly restrict the file parameter.
Webmin Webmin
6.8
CVSSv2
CVE-2021-32159
A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Upload and Download feature.
Webmin Webmin 1.973
4.3
CVSSv2
CVE-2021-32161
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the File Manager feature.
Webmin Webmin 1.973
6.8
CVSSv2
CVE-2021-32156
A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature.
Webmin Webmin 1.973
6.8
CVSSv2
CVE-2021-32157
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature.
Webmin Webmin 1.973
1 Github repository
4.3
CVSSv2
CVE-2021-32158
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Upload and Download feature.
Webmin Webmin 1.973
4.3
CVSSv2
CVE-2021-32160
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the Add Users feature.
Webmin Webmin 1.973
6.8
CVSSv2
CVE-2021-32162
A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager feature.
Webmin Webmin 1.973
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3012
CVE-2024-30200
XXE
CVE-2023-24955
CVE-2023-42931
CVE-2024-29231
remote code execution
cross-site scripting
CVE-2024-0677
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »