CVE-2023-38311
- EPSS 0.49%
- Veröffentlicht 31.07.2023 15:15:10
- Zuletzt bearbeitet 21.11.2024 08:13:18
An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the System Logs Viewer functionality. The vulnerability allows an attacker to store a malicious payload in the configuration field, triggerin...
CVE-2023-38307
- EPSS 0.41%
- Veröffentlicht 31.07.2023 15:15:10
- Zuletzt bearbeitet 21.11.2024 08:13:17
An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the Users and Groups functionality. The vulnerability occurs when an authenticated user adds a new user and inserts an XSS payload into the u...
CVE-2022-3844
- EPSS 0.59%
- Veröffentlicht 02.11.2022 20:15:11
- Zuletzt bearbeitet 21.11.2024 07:20:21
A vulnerability, which was classified as problematic, was found in Webmin 2.001. Affected is an unknown function of the file xterm/index.cgi. The manipulation leads to basic cross site scripting. It is possible to launch the attack remotely. Upgradin...
CVE-2022-36880
- EPSS 0.53%
- Veröffentlicht 27.07.2022 04:15:10
- Zuletzt bearbeitet 21.11.2024 07:13:58
The Read Mail module in Webmin 1.995 and Usermin through 1.850 allows XSS via a crafted HTML e-mail message.
CVE-2022-36446
- EPSS 96.05%
- Veröffentlicht 25.07.2022 06:15:07
- Zuletzt bearbeitet 21.11.2024 07:13:01
software/apt-lib.pl in Webmin before 1.997 lacks HTML escaping for a UI command.
CVE-2022-30708
- EPSS 3.48%
- Veröffentlicht 15.05.2022 03:15:07
- Zuletzt bearbeitet 21.11.2024 07:03:13
Webmin through 1.991, when the Authentic theme is used, allows remote code execution when a user has been manually created (i.e., not created in Virtualmin or Cloudmin). This occurs because settings-editor_write.cgi does not properly restrict the fil...
CVE-2021-32160
- EPSS 2%
- Veröffentlicht 11.04.2022 06:15:08
- Zuletzt bearbeitet 21.11.2024 06:06:53
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the Add Users feature.
CVE-2021-32156
- EPSS 2.31%
- Veröffentlicht 11.04.2022 06:15:08
- Zuletzt bearbeitet 21.11.2024 06:06:52
A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature.
CVE-2021-32157
- EPSS 4.04%
- Veröffentlicht 11.04.2022 06:15:08
- Zuletzt bearbeitet 21.11.2024 06:06:52
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature.
CVE-2021-32158
- EPSS 2%
- Veröffentlicht 11.04.2022 06:15:08
- Zuletzt bearbeitet 21.11.2024 06:06:53
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Upload and Download feature.