Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webmin webmin vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-40986
A stored cross-site scripting (XSS) vulnerability in the Usermin Configuration function of Webmin v2.100 allows malicious users to execute arbitrary web sripts or HTML via a crafted payload injected into the Custom field.
Webmin Webmin 2.100
NA
CVE-2023-41163
A Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000 allows remote malicious users to inject arbitrary web script or HTML via the replace in results field while replacing the results under the tools drop down.
Webmin Webmin 2.000
606
VMScore
CVE-2021-31760
Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to achieve Remote Command Execution (RCE) through Webmin's running process feature.
Webmin Webmin 1.973
2 Github repositories
606
VMScore
CVE-2021-31761
Webmin 1.973 is affected by reflected Cross Site Scripting (XSS) to achieve Remote Command Execution through Webmin's running process feature.
Webmin Webmin 1.973
2 Github repositories
606
VMScore
CVE-2021-31762
Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privileged user through Webmin's add users feature, and then get a reverse shell through Webmin's running process feature.
Webmin Webmin 1.973
2 Github repositories
445
VMScore
CVE-2004-0582
Unknown vulnerability in Webmin 1.140 allows remote malicious users to bypass access control rules and gain read access to configuration information for a module.
Webmin Webmin 1.1.40
1000
VMScore
CVE-2001-1196
Directory traversal vulnerability in edit_action.cgi of Webmin Directory 0.91 allows malicious users to gain privileges via a '..' (dot dot) in the argument.
Webmin Webmin 0.91
1 EDB exploit
605
VMScore
CVE-2019-9624
Webmin 1.900 allows remote malicious users to execute arbitrary code by leveraging the "Java file manager" and "Upload and Download" privileges to upload a crafted .cgi file via the /updown/upload.cgi URI.
Webmin Webmin 1.900
668
VMScore
CVE-2020-35769
miniserv.pl in Webmin 1.962 on Windows mishandles special characters in query arguments to the CGI program.
Webmin Webmin 1.962
107
VMScore
CVE-2001-0222
webmin 0.84 and previous versions allows local users to overwrite and create arbitrary files via a symlink attack.
Webmin Webmin 0.83
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »