Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webmin webmin vulnerabilities and exploits
(subscribe to this query)
436
VMScore
CVE-2015-1377
The Read Mail module in Webmin 1.720 allows local users to read arbitrary files via a symlink attack on an unspecified file.
Webmin Webmin
435
VMScore
CVE-2017-15646
Webmin prior to 1.860 has XSS with resultant remote code execution. Under the 'Others/File Manager' menu, there is a 'Download from remote URL' option to download a file from a remote server. After setting up a malicious server, one can wait for a file downloa...
Webmin Webmin
1 EDB exploit
409
VMScore
CVE-2001-1530
run.cgi in Webmin 0.80 and 0.88 creates temporary files with world-writable permissions, which allows local users to execute arbitrary commands.
Webmin Webmin 0.88
Webmin Webmin 0.80
384
VMScore
CVE-2021-32158
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Upload and Download feature.
Webmin Webmin 1.973
384
VMScore
CVE-2021-32160
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the Add Users feature.
Webmin Webmin 1.973
384
VMScore
CVE-2021-32161
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the File Manager feature.
Webmin Webmin 1.973
383
VMScore
CVE-2022-36880
The Read Mail module in Webmin 1.995 and Usermin up to and including 1.850 allows XSS via a crafted HTML e-mail message.
Webmin Usermin
Webmin Webmin 1.995
1 Github repository
383
VMScore
CVE-2020-12670
XSS exists in Webmin 1.941 and previous versions affecting the Save function of the Read User Email Module / mailboxes Endpoint when attempting to save HTML emails. This module parses any output without sanitizing SCRIPT elements, as opposed to the View function, which sanitizes ...
Webmin Webmin
383
VMScore
CVE-2017-9313
Multiple Cross-site scripting (XSS) vulnerabilities in Webmin prior to 1.850 allow remote malicious users to inject arbitrary web script or HTML via the sec parameter to view_man.cgi, the referers parameter to change_referers.cgi, or the name parameter to save_user.cgi. NOTE: the...
Webmin Webmin
383
VMScore
CVE-2017-2106
Multiple cross-site scripting vulnerabilities in Webmin versions before 1.830 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Webmin Webmin
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »