Lucene search

[email protected]CVE-2007-1276

HistoryMar 05, 2007 - 8:19 p.m.

CVE-2007-1276

2007-03-0520:19:00

CWE-352

[email protected]

web.nvd.nist.gov

cve-2007-1276

cross-site scripting

xss

vulnerabilities

webmin

usermin

remote attackers

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

77.6%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in chooser.cgi in Webmin before 1.330 and Usermin before 1.260 allow remote attackers to inject arbitrary web script or HTML via a crafted filename.

CPENameOperatorVersion
webmin:webminwebmineq1.2.50
usermin:userminusermineq1.070
webmin:webminwebmineq1.0.20
webmin:webminwebmineq1.0.51
webmin:webminwebmineq1.0.10
usermin:userminusermineq1.040
usermin:userminusermineq1.250
usermin:userminusermineq1.060
webmin:webminwebmineq1.1.50
webmin:webminwebmineq1.0.60

CPE	Name	Operator	Version
webmin:webmin	webmin	eq	1.2.50
usermin:usermin	usermin	eq	1.070
webmin:webmin	webmin	eq	1.0.20
webmin:webmin	webmin	eq	1.0.51
webmin:webmin	webmin	eq	1.0.10
usermin:usermin	usermin	eq	1.040
usermin:usermin	usermin	eq	1.250
usermin:usermin	usermin	eq	1.060
webmin:webmin	webmin	eq	1.1.50
webmin:webmin	webmin	eq	1.0.60

Rows per page:

1-10 of 441

References

osvdb.org/33832

secunia.com/advisories/24321

www.securitytracker.com/id?1017711

www.vupen.com/english/advisories/2007/0780

www.webmin.com/changes-1.330.html

www.webmin.com/security.html

exchange.xforce.ibmcloud.com/vulnerabilities/32725

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

77.6%

JSON

Related for CVE-2007-1276

prion1 nessus1 securityvulns1