Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webmin vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-32158
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Upload and Download feature.
Webmin Webmin 1.973
8.8
CVSSv3
CVE-2021-32159
A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Upload and Download feature.
Webmin Webmin 1.973
6.1
CVSSv3
CVE-2021-32160
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the Add Users feature.
Webmin Webmin 1.973
6.1
CVSSv3
CVE-2021-32161
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the File Manager feature.
Webmin Webmin 1.973
8.8
CVSSv3
CVE-2021-32162
A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager feature.
Webmin Webmin 1.973
6.1
CVSSv3
CVE-2022-3844
A vulnerability, which was classified as problematic, was found in Webmin 2.001. Affected is an unknown function of the file xterm/index.cgi. The manipulation leads to basic cross site scripting. It is possible to launch the attack remotely. Upgrading to version 2.003 is able to ...
Webmin Webmin 2.001
9.8
CVSSv3
CVE-2020-35769
miniserv.pl in Webmin 1.962 on Windows mishandles special characters in query arguments to the CGI program.
Webmin Webmin 1.962
NA
CVE-2006-3392
Webmin prior to 1.290 and Usermin prior to 1.220 calls the simplify_path function before decoding HTML, which allows remote malicious users to read arbitrary files, as demonstrated using "..%01" sequences, which bypass the removal of "../" sequences before byt...
Webmin Webmin
Usermin Usermin
2 EDB exploits
2 Nmap scripts
7 Github repositories
NA
CVE-2005-3042
miniserv.pl in Webmin prior to 1.230 and Usermin prior to 1.160, when "full PAM conversations" is enabled, allows remote malicious users to bypass authentication by spoofing session IDs via certain metacharacters (line feed or carriage return).
Webmin Webmin 1.2.20
Usermin Usermin 1.150
NA
CVE-2005-3912
Format string vulnerability in miniserv.pl Perl web server in Webmin prior to 1.250 and Usermin prior to 1.180, with syslog logging enabled, allows remote malicious users to cause a denial of service (crash or memory consumption) and possibly execute arbitrary code via format str...
Webmin Webmin
Debian Debian Linux 3.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »