Webmin

Webmin

100 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.4%
  • Veröffentlicht 10.07.2024 07:15:03
  • Zuletzt bearbeitet 08.10.2025 16:54:02

Cross-site scripting vulnerability exists in session_login.cgi of Webmin versions prior to 1.970 and Usermin versions prior to 1.820. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed ...

  • EPSS 0.18%
  • Veröffentlicht 10.07.2024 07:15:03
  • Zuletzt bearbeitet 08.10.2025 16:53:35

Cross-site request forgery vulnerability exists in ajaxterm module of Webmin versions prior to 2.003. If this vulnerability is exploited, unintended operations may be performed when a user views a malicious page while logged in. As a result, data wit...

  • EPSS 0.57%
  • Veröffentlicht 10.07.2024 07:15:03
  • Zuletzt bearbeitet 08.10.2025 16:54:20

Improper handling of insufficient permissions or privileges vulnerability exists in ajaxterm module of Webmin prior to 2.003. If this vulnerability is exploited, a console session may be hijacked by an unauthorized user. As a result, data within a sy...

  • EPSS 0.3%
  • Veröffentlicht 10.07.2024 07:15:02
  • Zuletzt bearbeitet 13.03.2025 15:15:44

Cross-site scripting vulnerability exists in sysinfo.cgi of Webmin versions prior to 1.910. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the website using the product. As a result...

Exploit
  • EPSS 0.57%
  • Veröffentlicht 25.01.2024 21:15:08
  • Zuletzt bearbeitet 30.05.2025 15:15:27

Cross Site Scripting vulnerability (XSS) in webmin v.2.105 and earlier allows a remote attacker to execute arbitrary code via a crafted payload to the "Execute cron job as" tab Input field.

Exploit
  • EPSS 0.4%
  • Veröffentlicht 21.09.2023 14:15:10
  • Zuletzt bearbeitet 21.11.2024 08:23:58

There is a stored cross-site scripting (XSS) vulnerability in Webmin 2.002 and below via the Cluster Cron Job tab Input field, which allows attackers to run malicious scripts by injecting a specially crafted payload.

Exploit
  • EPSS 0.52%
  • Veröffentlicht 15.09.2023 04:15:10
  • Zuletzt bearbeitet 09.07.2026 01:18:37

A reflected cross-site scripting (XSS) vulnerability in the File Manager function of Webmin v2.100 allows attackers to execute malicious scripts via injecting a crafted payload into the Find in Results file.

Exploit
  • EPSS 0.42%
  • Veröffentlicht 15.09.2023 03:15:09
  • Zuletzt bearbeitet 09.07.2026 01:18:37

A stored cross-site scripting (XSS) vulnerability in Webmin v2.100 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cloned module name parameter.

Exploit
  • EPSS 0.41%
  • Veröffentlicht 15.09.2023 01:15:07
  • Zuletzt bearbeitet 09.07.2026 01:18:37

A stored cross-site scripting (XSS) vulnerability in the Usermin Configuration function of Webmin v2.100 allows attackers to execute arbitrary web sripts or HTML via a crafted payload injected into the Custom field.

Exploit
  • EPSS 0.41%
  • Veröffentlicht 15.09.2023 01:15:07
  • Zuletzt bearbeitet 09.07.2026 01:18:37

An issue was discovered in Webmin 2.100. The File Manager functionality allows an attacker to exploit a Cross-Site Scripting (XSS) vulnerability. By providing a malicious payload, an attacker can inject arbitrary code, which is then executed within t...