Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2012-2983
HistorySep 11, 2012 - 6:55 p.m.

Authorization

2012-09-1118:55:00
PRIOn knowledge base
www.prio-n.com
3

7.1 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.017 Low

EPSS

Percentile

87.4%

JSON

file/edit_html.cgi in Webmin 1.590 and earlier does not perform an authorization check before showing a file’s unedited contents, which allows remote attackers to read arbitrary files via the file field.

Related

cve 1
checkpoint_advisories 1
nessus 3
cert 1
securityvulns 2
openvas 1
cve
cve
CVE-2012-2983
2012-09-11 18:55:00
checkpoint_advisories
checkpoint_advisories
Webmin edit_html.cgi file Parameter Traversal Arbitrary File Access (CVE-2012-2983)
2013-01-08 00:00:00
nessus
nessus
Webmin <= 1.580 Multiple Input-Validation Vulnerabilities (deprecated)
2013-05-01 00:00:00
Webmin <= 1.590 Multiple Vulnerabilities
2018-09-19 00:00:00
Mandriva Linux Security Advisory : webmin (MDVSA-2014:062)
2014-03-18 00:00:00
cert
cert
Webmin contains input validation vulnerabilities
2012-09-06 00:00:00
securityvulns
securityvulns
[ MDVSA-2014:062 ] webmin
2014-05-05 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2014-05-05 00:00:00
openvas
openvas
FreeBSD Ports: webmin
2012-11-26 00:00:00

7.1 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.017 Low

EPSS

Percentile

87.4%

JSON
Related for PRION:CVE-2012-2983
cve1checkpoint_advisories1nessus3cert1securityvulns2openvas1