Vulnerabilities > Webmin > Usermin > 1.230

DATE CVE VULNERABILITY TITLE RISK
2022-10-25 CVE-2022-35132 OS Command Injection vulnerability in Webmin Usermin
Usermin through 1.850 allows a remote authenticated user to execute OS commands via command injection in a filename for the GPG module.
network
low complexity
webmin CWE-78
8.8
8.8
2022-07-27 CVE-2022-36880 Cross-site Scripting vulnerability in Webmin Usermin
The Read Mail module in Webmin 1.995 and Usermin through 1.850 allows XSS via a crafted HTML e-mail message.
network
low complexity
webmin CWE-79
6.1
6.1
2017-04-12 CVE-2016-4897 Cross-site Scripting vulnerability in Webmin Usermin
Multiple cross-site scripting (XSS) vulnerabilities in (1) filter/save_forward.cgi, (2) filter/save.cgi, (3) /man/search.cgi in Usermin before 1.690.
network
low complexity
webmin CWE-79
6.1
6.1