Vulnerabilities > Webmin > Usermin > 1.590

DATE CVE VULNERABILITY TITLE RISK
2022-10-25 CVE-2022-35132 OS Command Injection vulnerability in Webmin Usermin
Usermin through 1.850 allows a remote authenticated user to execute OS commands via command injection in a filename for the GPG module.
network
low complexity
webmin CWE-78
8.8
2022-07-27 CVE-2022-36880 Cross-site Scripting vulnerability in Webmin Usermin
The Read Mail module in Webmin 1.995 and Usermin through 1.850 allows XSS via a crafted HTML e-mail message.
network
webmin CWE-79
4.3
2017-04-12 CVE-2016-4897 Cross-site Scripting vulnerability in Webmin Usermin
Multiple cross-site scripting (XSS) vulnerabilities in (1) filter/save_forward.cgi, (2) filter/save.cgi, (3) /man/search.cgi in Usermin before 1.690.
network
webmin CWE-79
4.3
2014-07-20 CVE-2014-3884 Cross-Site Scripting vulnerability in Webmin Usermin
Cross-site scripting (XSS) vulnerability in Usermin before 1.600 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
webmin CWE-79
4.3
2014-06-21 CVE-2014-3883 OS Command Injection vulnerability in Webmin Usermin
Usermin before 1.600 allows remote attackers to execute arbitrary operating-system commands via unspecified vectors related to a user action.
network
webmin CWE-78
6.8