Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webmin webmin vulnerabilities and exploits
(subscribe to this query)
542
VMScore
CVE-2006-3392
Webmin prior to 1.290 and Usermin prior to 1.220 calls the simplify_path function before decoding HTML, which allows remote malicious users to read arbitrary files, as demonstrated using "..%01" sequences, which bypass the removal of "../" sequences before byt...
Webmin Webmin
Usermin Usermin
2 EDB exploits
2 Nmap scripts
7 Github repositories
540
VMScore
CVE-2012-2983
file/edit_html.cgi in Webmin 1.590 and previous versions does not perform an authorization check before showing a file's unedited contents, which allows remote malicious users to read arbitrary files via the file field.
Gentoo Webmin
Gentoo Webmin 1.580
Gentoo Webmin 1.500
Gentoo Webmin 1.480
Gentoo Webmin 1.400
Gentoo Webmin 1.390
Gentoo Webmin 1.290
Gentoo Webmin 1.280
Gentoo Webmin 1.200
Gentoo Webmin 1.570
Gentoo Webmin 1.550
Gentoo Webmin 1.470
Gentoo Webmin 1.450
Gentoo Webmin 1.380
Gentoo Webmin 1.370
Gentoo Webmin 1.270
Gentoo Webmin 1.260
Gentoo Webmin 1.170
Gentoo Webmin 1.160
Gentoo Webmin 1.180
Gentoo Webmin 1.520
Gentoo Webmin 1.510
534
VMScore
CVE-2012-2981
Webmin 1.590 and previous versions allows remote authenticated users to execute arbitrary Perl code via a crafted file associated with the type (aka monitor type name) parameter.
Gentoo Webmin 1.570
Gentoo Webmin 1.550
Gentoo Webmin 1.450
Gentoo Webmin 1.440
Gentoo Webmin 1.370
Gentoo Webmin 1.340
Gentoo Webmin 1.270
Gentoo Webmin 1.560
Gentoo Webmin 1.530
Gentoo Webmin 1.430
Gentoo Webmin 1.420
Gentoo Webmin 1.330
Gentoo Webmin 1.320
Gentoo Webmin 1.240
Gentoo Webmin 1.230
Gentoo Webmin 1.140
Gentoo Webmin 1.520
Gentoo Webmin 1.510
Gentoo Webmin 1.410
Gentoo Webmin 1.400
Gentoo Webmin 1.310
Gentoo Webmin 1.300
505
VMScore
CVE-2017-15644
SSRF exists in Webmin 1.850 via the PATH_INFO to tunnel/link.cgi, as demonstrated by a GET request for tunnel/link.cgi/http://INTRANET-IP:8000.
Webmin Webmin
1 EDB exploit
490
VMScore
CVE-2022-0829
Improper Authorization in GitHub repository webmin/webmin before 1.990.
Webmin Webmin
4 Github repositories
446
VMScore
CVE-2006-3274
Directory traversal vulnerability in Webmin prior to 1.280, when run on Windows, allows remote malicious users to read arbitrary files via \ (backslash) characters in the URL to certain directories under the web root, such as the image directory.
Webmin Webmin 1.2.40
Webmin Webmin 1.2.50
Webmin Webmin 1.2.30
Webmin Webmin 1.2.60
Webmin Webmin
2 Github repositories
445
VMScore
CVE-2018-8712
An issue exists in Webmin 1.840 and 1.880 when the default Yes setting of "Can view any file as a log file" is enabled. As a result of weak default configuration settings, limited users have full access rights to the underlying Unix system files, allowing the user to re...
Webmin Webmin 1.840
Webmin Webmin 1.880
445
VMScore
CVE-2005-0427
The ebuild of Webmin prior to 1.170-r3 on Gentoo Linux includes the encrypted root password in the miniserv.users file when building a tbz2 of the webmin package, which allows remote malicious users to obtain and possibly crack the encrypted password.
Gentoo Webmin 1.150
Gentoo Webmin 1.160
Gentoo Webmin 1.140
Gentoo Webmin 1.170
445
VMScore
CVE-2004-0583
The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote malicious users to conduct a brute force attack to guess user IDs and passwords.
Usermin Usermin 1.070
Webmin Webmin 1.1.40
Debian Debian Linux 3.0
445
VMScore
CVE-2004-0582
Unknown vulnerability in Webmin 1.140 allows remote malicious users to bypass access control rules and gain read access to configuration information for a module.
Webmin Webmin 1.1.40
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »