Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
usermin vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-41157
Multiple stored cross-site scripting (XSS) vulnerabilities in Usermin 2.000 allow remote malicious users to inject arbitrary web script or HTML via the folder name parameter while creating the folder to manage the folder tab, filter tab, and forward mail tab.
Webmin Usermin 2.000
5.4
CVSSv3
CVE-2023-40986
A stored cross-site scripting (XSS) vulnerability in the Usermin Configuration function of Webmin v2.100 allows malicious users to execute arbitrary web sripts or HTML via a crafted payload injected into the Custom field.
Webmin Webmin 2.100
5.4
CVSSv3
CVE-2023-41160
A Stored Cross-Site Scripting (XSS) vulnerability in the SSH configuration tab in Usermin 2.001 allows remote malicious users to inject arbitrary web script or HTML via the key name field while adding an authorized key.
Webmin Usermin 2.001
5.4
CVSSv3
CVE-2023-41156
A Stored Cross-Site Scripting (XSS) vulnerability in the filter and forward mail tab in Usermin 2.001 allows remote malicious users to inject arbitrary web script or HTML via the save to new folder named field while creating a new filter.
Webmin Usermin 2.001
5.4
CVSSv3
CVE-2023-41159
A Stored Cross-Site Scripting (XSS) vulnerability while editing the autoreply file page in Usermin 2.000 allows remote malicious users to inject arbitrary web script or HTML by editing the forward file manually.
Webmin Usermin 2.000
5.4
CVSSv3
CVE-2023-41152
A Stored Cross-Site Scripting (XSS) vulnerability in the MIME type programs tab in Usermin 2.000 allows remote malicious users to inject arbitrary web script or HTML via the handle program field while creating a new MIME type program.
Webmin Usermin 2.000
5.4
CVSSv3
CVE-2023-41154
A Stored Cross-Site Scripting (XSS) vulnerability in the scheduled cron jobs tab in Usermin 2.000 allows remote malicious users to inject arbitrary web script or HTML via the value field parameter while creating a new environment variable.
Webmin Usermin 2.000
5.4
CVSSv3
CVE-2023-41155
A Stored Cross-Site Scripting (XSS) vulnerability in the mail forwarding and replies tab in Webmin and Usermin 2.000 allows remote malicious users to inject arbitrary web script or HTML via the forward to field while creating a mail forwarding rule.
Webmin Webmin 2.000
Webmin Usermin 2.000
6.1
CVSSv3
CVE-2023-41162
A Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000 allows remote malicious users to inject arbitrary web script or HTML via the file mask field while searching under the tools drop down.
Webmin Usermin 2.000
5.4
CVSSv3
CVE-2023-41158
A Stored Cross-Site Scripting (XSS) vulnerability in the MIME type programs tab in Usermin 2.000 allows remote malicious users to inject arbitrary web script or HTML via the description field while creating a new MIME type program.
Webmin Usermin 2.000
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »