Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webmin vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-38308
An issue exists in Webmin 2.021. A Cross-Site Scripting (XSS) vulnerability exists in the HTTP Tunnel functionality when handling third-party domain URLs. By providing a crafted URL from a third-party domain, an attacker can inject malicious code. leading to the execution of arbi...
Webmin Webmin 2.021
6.1
CVSSv3
CVE-2023-38309
An issue exists in Webmin 2.021. A Reflected Cross-Site Scripting (XSS) vulnerability exists in the package search functionality. The vulnerability allows an malicious user to inject a malicious payload in the "Search for Package" field, which gets reflected back in the...
Webmin Webmin 2.021
5.4
CVSSv3
CVE-2023-38310
An issue exists in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability exists in the configuration settings of the system logs functionality. The vulnerability allows an malicious user to store an XSS payload in the configuration settings of specific log files. This r...
Webmin Webmin 2.021
8.8
CVSSv3
CVE-2021-31762
Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privileged user through Webmin's add users feature, and then get a reverse shell through Webmin's running process feature.
Webmin Webmin 1.973
2 Github repositories
7.8
CVSSv3
CVE-2019-9624
Webmin 1.900 allows remote malicious users to execute arbitrary code by leveraging the "Java file manager" and "Upload and Download" privileges to upload a crafted .cgi file via the /updown/upload.cgi URI.
Webmin Webmin 1.900
6.1
CVSSv3
CVE-2022-3844
A vulnerability, which was classified as problematic, was found in Webmin 2.001. Affected is an unknown function of the file xterm/index.cgi. The manipulation leads to basic cross site scripting. It is possible to launch the attack remotely. Upgrading to version 2.003 is able to ...
Webmin Webmin 2.001
9.6
CVSSv3
CVE-2021-32157
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature.
Webmin Webmin 1.973
1 Github repository
6.1
CVSSv3
CVE-2021-32160
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the Add Users feature.
Webmin Webmin 1.973
NA
CVE-2001-1196
Directory traversal vulnerability in edit_action.cgi of Webmin Directory 0.91 allows malicious users to gain privileges via a '..' (dot dot) in the argument.
Webmin Webmin 0.91
1 EDB exploit
8.8
CVSSv3
CVE-2021-32156
A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature.
Webmin Webmin 1.973
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »