Vulnerabilities > Webmin > Webmin > 1.2.60
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-01-05 | CVE-2009-4568 | Cross-Site Scripting vulnerability in Webmin Usermin and Webmin Cross-site scripting (XSS) vulnerability in Webmin before 1.500 and Usermin before 1.430 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2006-09-05 | CVE-2006-4542 | Cross-Site Scripting vulnerability in multiple products Webmin before 1.296 and Usermin before 1.226 do not properly handle a URL with a null ("%00") character, which allows remote attackers to conduct cross-site scripting (XSS), read CGI program source code, list directories, and possibly execute programs. | 6.8 |
| 2006-06-28 | CVE-2006-3274 | Remote Directory Traversal vulnerability in Webmin Directory traversal vulnerability in Webmin before 1.280, when run on Windows, allows remote attackers to read arbitrary files via \ (backslash) characters in the URL to certain directories under the web root, such as the image directory. | 5.0 |