Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webmin vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-41163
A Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000 allows remote malicious users to inject arbitrary web script or HTML via the replace in results field while replacing the results under the tools drop down.
Webmin Webmin 2.000
NA
CVE-2001-1196
Directory traversal vulnerability in edit_action.cgi of Webmin Directory 0.91 allows malicious users to gain privileges via a '..' (dot dot) in the argument.
Webmin Webmin 0.91
1 EDB exploit
NA
CVE-2004-0582
Unknown vulnerability in Webmin 1.140 allows remote malicious users to bypass access control rules and gain read access to configuration information for a module.
Webmin Webmin 1.1.40
5.4
CVSSv3
CVE-2023-38303
An issue exists in Webmin 2.021. One can exploit a stored Cross-Site Scripting (XSS) attack to achieve Remote Command Execution (RCE) through the Users and Group's real name parameter.
Webmin Webmin 2.021
5.4
CVSSv3
CVE-2023-38304
An issue exists in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability exists in the Users and Groups functionality, allowing an malicious user to store a malicious payload in the Group Name field when creating a new group.
Webmin Webmin 2.021
5.4
CVSSv3
CVE-2023-38307
An issue exists in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability exists in the Users and Groups functionality. The vulnerability occurs when an authenticated user adds a new user and inserts an XSS payload into the user's real name.
Webmin Webmin 2.021
6.1
CVSSv3
CVE-2023-38308
An issue exists in Webmin 2.021. A Cross-Site Scripting (XSS) vulnerability exists in the HTTP Tunnel functionality when handling third-party domain URLs. By providing a crafted URL from a third-party domain, an attacker can inject malicious code. leading to the execution of arbi...
Webmin Webmin 2.021
6.1
CVSSv3
CVE-2023-38309
An issue exists in Webmin 2.021. A Reflected Cross-Site Scripting (XSS) vulnerability exists in the package search functionality. The vulnerability allows an malicious user to inject a malicious payload in the "Search for Package" field, which gets reflected back in the...
Webmin Webmin 2.021
7.8
CVSSv3
CVE-2019-9624
Webmin 1.900 allows remote malicious users to execute arbitrary code by leveraging the "Java file manager" and "Upload and Download" privileges to upload a crafted .cgi file via the /updown/upload.cgi URI.
Webmin Webmin 1.900
NA
CVE-2001-0222
webmin 0.84 and previous versions allows local users to overwrite and create arbitrary files via a symlink attack.
Webmin Webmin 0.83
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »