Vulnerabilities > Webmin > Webmin > 0.70
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-07-06 | CVE-2006-3392 | Information Disclosure vulnerability in Webmin/Usermin Unspecifed Webmin before 1.290 and Usermin before 1.220 calls the simplify_path function before decoding HTML, which allows remote attackers to read arbitrary files, as demonstrated using "..%01" sequences, which bypass the removal of "../" sequences before bytes such as "%01" are removed from the filename. | 5.0 |
2006-06-28 | CVE-2006-3274 | Remote Directory Traversal vulnerability in Webmin Directory traversal vulnerability in Webmin before 1.280, when run on Windows, allows remote attackers to read arbitrary files via \ (backslash) characters in the URL to certain directories under the web root, such as the image directory. | 5.0 |
2002-12-31 | CVE-2002-2201 | Remote Security vulnerability in Webmin The Printer Administration module for Webmin 0.990 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the printer name. | 10.0 |