Vulnerabilities > Webmin
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-04 | CVE-2024-45692 | Infinite Loop vulnerability in multiple products Webmin before 2.202 and Virtualmin before 7.20.2 allow a network traffic loop via spoofed UDP packets on port 10000. | 7.5 |
2024-07-10 | CVE-2024-36450 | Cross-site Scripting vulnerability in Webmin Cross-site scripting vulnerability exists in sysinfo.cgi of Webmin versions prior to 1.910. | 5.4 |
2024-01-25 | CVE-2023-52046 | Cross-site Scripting vulnerability in Webmin Cross Site Scripting vulnerability (XSS) in webmin v.2.105 and earlier allows a remote attacker to execute arbitrary code via a crafted payload to the "Execute cron job as" tab Input field. | 4.8 |
2023-09-21 | CVE-2023-43309 | Cross-site Scripting vulnerability in Webmin There is a stored cross-site scripting (XSS) vulnerability in Webmin 2.002 and below via the Cluster Cron Job tab Input field, which allows attackers to run malicious scripts by injecting a specially crafted payload. | 4.8 |
2023-09-16 | CVE-2023-41157 | Cross-site Scripting vulnerability in Webmin Usermin 2.000 Multiple stored cross-site scripting (XSS) vulnerabilities in Usermin 2.000 allow remote attackers to inject arbitrary web script or HTML via the folder name parameter while creating the folder to manage the folder tab, filter tab, and forward mail tab. | 5.4 |
2023-09-15 | CVE-2023-40983 | Cross-site Scripting vulnerability in Webmin 2.100 A reflected cross-site scripting (XSS) vulnerability in the File Manager function of Webmin v2.100 allows attackers to execute malicious scripts via injecting a crafted payload into the Find in Results file. | 6.1 |
2023-09-15 | CVE-2023-40982 | Cross-site Scripting vulnerability in Webmin 2.100 A stored cross-site scripting (XSS) vulnerability in Webmin v2.100 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cloned module name parameter. | 5.4 |
2023-09-15 | CVE-2023-40984 | Cross-site Scripting vulnerability in Webmin 2.100 A reflected cross-site scripting (XSS) vulnerability in the File Manager function of Webmin v2.100 allows attackers to execute malicious scripts via injecting a crafted payload into the Replace in Results file. | 5.4 |
2023-09-15 | CVE-2023-40985 | Cross-site Scripting vulnerability in Webmin 2.100 An issue was discovered in Webmin 2.100. | 5.4 |
2023-09-15 | CVE-2023-40986 | Cross-site Scripting vulnerability in Webmin 2.100 A stored cross-site scripting (XSS) vulnerability in the Usermin Configuration function of Webmin v2.100 allows attackers to execute arbitrary web sripts or HTML via a crafted payload injected into the Custom field. | 5.4 |