Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webmin vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2020-8820
An XSS Vulnerability exists in Webmin 1.941 and previous versions affecting the Cluster Shell Commands Endpoint. A user may enter any XSS Payload into the Command field and execute it. Then, after revisiting the Cluster Shell Commands Menu, the XSS Payload will be rendered and ex...
Webmin Webmin
NA
CVE-2022-36446
software/apt-lib.pl in Webmin prior to 1.997 lacks HTML escaping for a UI command.
Webmin Webmin
4 Github repositories
NA
CVE-2023-43309
There is a stored cross-site scripting (XSS) vulnerability in Webmin 2.002 and below via the Cluster Cron Job tab Input field, which allows malicious users to run malicious scripts by injecting a specially crafted payload.
Webmin Webmin
1000
VMScore
CVE-2019-15107
An issue exists in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability.
Webmin Webmin
1 EDB exploit
49 Github repositories
1 Article
490
VMScore
CVE-2022-0829
Improper Authorization in GitHub repository webmin/webmin before 1.990.
Webmin Webmin
4 Github repositories
805
VMScore
CVE-2019-12840
In Webmin up to and including 1.910, any user authorized to the "Package Updates" module can execute arbitrary commands with root privileges via the data parameter to update.cgi.
Webmin Webmin
12 Github repositories
605
VMScore
CVE-2019-9624
Webmin 1.900 allows remote malicious users to execute arbitrary code by leveraging the "Java file manager" and "Upload and Download" privileges to upload a crafted .cgi file via the /updown/upload.cgi URI.
Webmin Webmin 1.900
312
VMScore
CVE-2018-19191
Webmin 1.890 has XSS via /config.cgi?webmin, the /shell/index.cgi history parameter, /shell/index.cgi?stripped=1, or the /webminlog/search.cgi uall or mall parameter.
Webmin Webmin 1.890
1000
VMScore
CVE-2001-1196
Directory traversal vulnerability in edit_action.cgi of Webmin Directory 0.91 allows malicious users to gain privileges via a '..' (dot dot) in the argument.
Webmin Webmin 0.91
1 EDB exploit
107
VMScore
CVE-2001-0222
webmin 0.84 and previous versions allows local users to overwrite and create arbitrary files via a symlink attack.
Webmin Webmin 0.83
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »