Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

GithubExploit
GithubExploitadded 2020/10/15 2:53 p.m.81 views

Exploit for OS Command Injection in Webmin

CVE-2019–15107 - Unauthenticated RCE Webmin =1.920 This...

10CVSS0.94459EPSS
Exploits36
GithubExploit
GithubExploitadded 2020/09/13 3:11 a.m.65 views

Exploit for OS Command Injection in Webmin

Webmin 1.890 expired Remote Root CVE-2019-15107 Webmin ve...

10CVSS3.7AI score0.94459EPSS
Exploits36
Packet Storm
Packet Stormadded 2019/08/26 12:0 a.m.1119 views

Webmin 1.890 expired Remote Root

!/usr/bin/perl -w Webmin 1.890 based on 1.920 research 'expired' Remote Root Exploit Copyright 2019 c Todor Donev Installation on CentOS: rpm -ivh https://sourceforge.net/projects/webadmin/files/webmin/1.890/webmin-1.890-1.noarch.rpm/download Disclaimer: This or previous programs are for...

7.4AI score
Exploits0
Metasploit
Metasploitadded 2019/08/21 7:2 a.m.31 views

Webmin password_change.cgi Backdoor

This module exploits a backdoor in Webmin versions 1.890 through 1.920. Only the SourceForge downloads were backdoored, but they are listed as official downloads on the project's site. Unknown attackers inserted Perl qx statements into the build server's source code on two separate occasions: onc...

7.3AI score
Exploits0
OSV
OSVadded 2019/03/21 4:0 p.m.18 views

CVE-2018-19191

Webmin 1.890 has XSS via /config.cgi?webmin, the /shell/index.cgi history parameter, /shell/index.cgi?stripped=1, or the /webminlog/search.cgi uall or mall parameter...

5.4CVSS5.8AI score
Exploits0References2
Prion
Prionadded 2019/03/21 4:0 p.m.19 views

Code injection

Webmin 1.890 has XSS via /config.cgi?webmin, the /shell/index.cgi history parameter, /shell/index.cgi?stripped=1, or the /webminlog/search.cgi uall or mall parameter...

3.5CVSS5.2AI score0.01753EPSS
Exploits2References2Affected Software1
ATTACKERKB
ATTACKERKBadded 2019/03/21 12:0 a.m.434 views

CVE-2018-19191

Webmin 1.890 has XSS via /config.cgi?webmin, the /shell/index.cgi history parameter, /shell/index.cgi?stripped=1, or the /webminlog/search.cgi uall or mall parameter. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

5.4CVSS2.6AI score0.01753EPSS
In wildExploits2References3
CVE
CVEadded 2019/03/17 9:27 p.m.171 views

CVE-2018-19191

Vulnerability (CVE-2018-19191): Webmin 1.890 is vulnerable to a cross-site scripting (XSS) flaw. The flaw allows an unauthenticated, remote attacker to trigger arbitrary script execution in a user’s browser by getting a user to click a specially crafted URL. Affected parameters include /config.cg...

5.4CVSS5.2AI score0.01753EPSS
In wildExploits2References2Affected Software1
Cvelist
Cvelistadded 2019/03/17 9:27 p.m.13 views

CVE-2018-19191

Webmin 1.890 has XSS via /config.cgi?webmin, the /shell/index.cgi history parameter, /shell/index.cgi?stripped=1, or the /webminlog/search.cgi uall or mall parameter...

5.3AI score0.01753EPSS
Exploits2References2
CNVD
CNVDadded 2019/01/16 12:0 a.m.1 views

Webmin cross-site scripting vulnerability (CNVD-2019-01675)

Webmin is a web-based system administration tool for Unix-like operating systems developed by Australian software developer Jamie Cameron and the Webmin community. A cross-site scripting vulnerability exists in Webmin version 1.890, which can be exploited by remote attackers to inject arbitrary W...

5.4CVSS6.3AI score0.01753EPSS
Exploits2References1
Rows per page
Query Builder