Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webmin vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-38304
An issue exists in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability exists in the Users and Groups functionality, allowing an malicious user to store a malicious payload in the Group Name field when creating a new group.
Webmin Webmin 2.021
NA
CVE-2023-38305
An issue exists in Webmin 2.021. The download functionality allows an malicious user to exploit a Cross-Site Scripting (XSS) vulnerability. By providing a crafted download path containing a malicious payload, an attacker can inject arbitrary code, which is then executed within th...
Webmin Webmin 2.021
NA
CVE-2023-38306
An issue exists in Webmin 2.021. A Cross-site Scripting (XSS) Bypass vulnerability exists in the file upload functionality. Normally, the application restricts the upload of certain file types such as .svg, .php, etc., and displays an error message if a prohibited file type is de...
Webmin Webmin 2.021
NA
CVE-2023-38307
An issue exists in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability exists in the Users and Groups functionality. The vulnerability occurs when an authenticated user adds a new user and inserts an XSS payload into the user's real name.
Webmin Webmin 2.021
NA
CVE-2023-38308
An issue exists in Webmin 2.021. A Cross-Site Scripting (XSS) vulnerability exists in the HTTP Tunnel functionality when handling third-party domain URLs. By providing a crafted URL from a third-party domain, an attacker can inject malicious code. leading to the execution of arbi...
Webmin Webmin 2.021
NA
CVE-2023-38309
An issue exists in Webmin 2.021. A Reflected Cross-Site Scripting (XSS) vulnerability exists in the package search functionality. The vulnerability allows an malicious user to inject a malicious payload in the "Search for Package" field, which gets reflected back in the...
Webmin Webmin 2.021
NA
CVE-2023-38311
An issue exists in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability exists in the System Logs Viewer functionality. The vulnerability allows an malicious user to store a malicious payload in the configuration field, triggering the execution of the payload when savi...
Webmin Webmin 2.021
6.8
CVSSv2
CVE-2019-9624
Webmin 1.900 allows remote malicious users to execute arbitrary code by leveraging the "Java file manager" and "Upload and Download" privileges to upload a crafted .cgi file via the /updown/upload.cgi URI.
Webmin Webmin 1.900
10
CVSSv2
CVE-2001-1196
Directory traversal vulnerability in edit_action.cgi of Webmin Directory 0.91 allows malicious users to gain privileges via a '..' (dot dot) in the argument.
Webmin Webmin 0.91
1 EDB exploit
6.8
CVSSv2
CVE-2021-32156
A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature.
Webmin Webmin 1.973
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »