Vulnerabilities > Webmin
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-04-11 | CVE-2021-32161 | Cross-site Scripting vulnerability in Webmin 1.973 A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the File Manager feature. | 6.1 |
2022-04-11 | CVE-2021-32162 | Cross-Site Request Forgery (CSRF) vulnerability in Webmin 1.973 A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager feature. | 8.8 |
2022-03-02 | CVE-2022-0824 | Unspecified vulnerability in Webmin Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990. | 8.8 |
2022-03-02 | CVE-2022-0829 | Unspecified vulnerability in Webmin Improper Authorization in GitHub repository webmin/webmin prior to 1.990. | 8.1 |
2021-04-25 | CVE-2021-31762 | Cross-Site Request Forgery (CSRF) vulnerability in Webmin 1.973 Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privileged user through Webmin's add users feature, and then get a reverse shell through Webmin's running process feature. | 8.8 |
2021-04-25 | CVE-2021-31761 | Cross-site Scripting vulnerability in Webmin 1.973 Webmin 1.973 is affected by reflected Cross Site Scripting (XSS) to achieve Remote Command Execution through Webmin's running process feature. | 9.6 |
2021-04-25 | CVE-2021-31760 | Cross-Site Request Forgery (CSRF) vulnerability in Webmin 1.973 Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to achieve Remote Command Execution (RCE) through Webmin's running process feature. | 8.8 |
2020-12-29 | CVE-2020-35769 | Unspecified vulnerability in Webmin 1.962 miniserv.pl in Webmin 1.962 on Windows mishandles special characters in query arguments to the CGI program. | 9.8 |
2020-12-21 | CVE-2020-35606 | OS Command Injection vulnerability in Webmin Arbitrary command execution can occur in Webmin through 1.962. | 8.8 |
2020-10-12 | CVE-2020-8821 | Cross-site Scripting vulnerability in Webmin An Improper Data Validation Vulnerability exists in Webmin 1.941 and earlier affecting the Command Shell Endpoint. | 5.4 |