Vulnerabilities > Webmin
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-10-19 | CVE-2017-15646 | Cross-site Scripting vulnerability in Webmin Webmin before 1.860 has XSS with resultant remote code execution. | 6.1 |
2017-10-19 | CVE-2017-15645 | Cross-Site Request Forgery (CSRF) vulnerability in Webmin CSRF exists in Webmin 1.850. | 8.8 |
2017-10-19 | CVE-2017-15644 | Server-Side Request Forgery (SSRF) vulnerability in Webmin SSRF exists in Webmin 1.850 via the PATH_INFO to tunnel/link.cgi, as demonstrated by a GET request for tunnel/link.cgi/http://INTRANET-IP:8000. | 8.6 |
2017-07-04 | CVE-2017-9313 | Cross-site Scripting vulnerability in Webmin Multiple Cross-site scripting (XSS) vulnerabilities in Webmin before 1.850 allow remote attackers to inject arbitrary web script or HTML via the sec parameter to view_man.cgi, the referers parameter to change_referers.cgi, or the name parameter to save_user.cgi. | 6.1 |
2017-04-28 | CVE-2017-2106 | Cross-site Scripting vulnerability in Webmin Multiple cross-site scripting vulnerabilities in Webmin versions prior to 1.830 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
2017-04-12 | CVE-2016-4897 | Cross-site Scripting vulnerability in Webmin Usermin Multiple cross-site scripting (XSS) vulnerabilities in (1) filter/save_forward.cgi, (2) filter/save.cgi, (3) /man/search.cgi in Usermin before 1.690. | 6.1 |