Vulnerabilities > Webmin > Webmin > 0.97
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-01-05 | CVE-2009-4568 | Cross-Site Scripting vulnerability in Webmin Usermin and Webmin Cross-site scripting (XSS) vulnerability in Webmin before 1.500 and Usermin before 1.430 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2006-09-05 | CVE-2006-4542 | Cross-Site Scripting vulnerability in multiple products Webmin before 1.296 and Usermin before 1.226 do not properly handle a URL with a null ("%00") character, which allows remote attackers to conduct cross-site scripting (XSS), read CGI program source code, list directories, and possibly execute programs. | 6.8 |
2005-05-02 | CVE-2005-1177 | Denial-Of-Service vulnerability in Usermin Unknown vulnerability in (1) Webmin and (2) Usermin before 1.200 causes Webmin to change permissions and ownership of configuration files, with unknown impact. | 10.0 |
2002-12-31 | CVE-2002-1947 | Unspecified vulnerability in Webmin Webmin 0.21 through 1.0 uses the same built-in SSL key for all installations, which allows remote attackers to eavesdrop or highjack the SSL session. | 6.4 |