Vulnerabilities > Webmin > Webmin
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-08-12 | CVE-2002-0756 | Cross-Site Scripting vulnerability in Webmin / Usermin Login Cross-site scripting vulnerability in the authentication page for (1) Webmin 0.96 and (2) Usermin 0.90 allows remote attackers to insert script into an error page and possibly steal cookies. | 7.5 |
2001-12-31 | CVE-2001-1530 | Local Security vulnerability in Webmin 0.80/0.88 run.cgi in Webmin 0.80 and 0.88 creates temporary files with world-writable permissions, which allows local users to execute arbitrary commands. | 4.6 |
2001-12-17 | CVE-2001-1196 | Directory Traversal vulnerability in Webmin 0.91 Directory traversal vulnerability in edit_action.cgi of Webmin Directory 0.91 allows attackers to gain privileges via a '..' (dot dot) in the argument. | 10.0 |
2001-05-28 | CVE-2001-1074 | Information Disclosure vulnerability in Webmin Environment Variable Webmin 0.84 and earlier does not properly clear the HTTP_AUTHORIZATION environment variable when the web server is restarted, which makes authentication information available to all CGI programs and allows local users to gain privileges. | 7.2 |
2001-03-26 | CVE-2001-0222 | Unspecified vulnerability in Webmin 0.83 webmin 0.84 and earlier allows local users to overwrite and create arbitrary files via a symlink attack. | 1.2 |
1999-12-31 | CVE-1999-1074 | Unspecified vulnerability in Webmin Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking. | 7.5 |