Lucene search
K

380 matches found

CNNVD
CNNVD
added 2024/07/09 12:0 a.m.4 views

Webmin Security Vulnerabilities

Webmin is a set of Web-based system administration tools for use in Unix-like operating systems from the Webmin community. A security vulnerability exists in Webmin versions prior to 1.970 and Usermin versions prior to 1.820, which stems from a cross-site scripting vulnerability in sessionlogin.c...

6.1CVSS6.1AI score0.004EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/07/09 12:0 a.m.5 views

PT-2024-5727 · Webmin +2 · Webmin +2

Name of the Vulnerable Software and Affected Versions: Webmin versions prior to 1.970 Usermin versions prior to 1.820 Description: A cross-site scripting issue exists due to inadequate protection of the webpage structure in the session login.cgi script of Webmin and Usermin. This can be exploited...

6.4CVSS6.6AI score0.004EPSS
Exploits0References12
ATTACKERKB
ATTACKERKB
added 2023/09/16 6:15 a.m.4 views

CVE-2023-41157

Multiple stored cross-site scripting XSS vulnerabilities in Usermin 2.000 allow remote attackers to inject arbitrary web script or HTML via the folder name parameter while creating the folder to manage the folder tab, filter tab, and forward mail tab...

5.4CVSS5.8AI score0.00397EPSS
Exploits0References3
NVD
NVD
added 2023/09/16 6:15 a.m.26 views

CVE-2023-41157

Multiple stored cross-site scripting XSS vulnerabilities in Usermin 2.000 allow remote attackers to inject arbitrary web script or HTML via the folder name parameter while creating the folder to manage the folder tab, filter tab, and forward mail tab...

5.4CVSS5.4AI score0.00397EPSS
Exploits0References2
Prion
Prion
added 2023/09/16 6:15 a.m.23 views

Cross site scripting

Multiple stored cross-site scripting XSS vulnerabilities in Usermin 2.000 allow remote attackers to inject arbitrary web script or HTML via the folder name parameter while creating the folder to manage the folder tab, filter tab, and forward mail tab...

4.9CVSS5.4AI score0.00397EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/09/16 12:0 a.m.101 views

CVE-2023-41157

CVE-2023-41157 affects Usermin 2.000. The vulnerability is a stored XSS in the folder name parameter when creating folders, affecting the Folder/Filters/Forward Mail tabs. An attacker can inject arbitrary script/HTML by supplying crafted folder names. Root cause is improper handling/validation of...

5.4CVSS5.3AI score0.00397EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/16 12:0 a.m.13 views

CVE-2023-41157

Multiple stored cross-site scripting XSS vulnerabilities in Usermin 2.000 allow remote attackers to inject arbitrary web script or HTML via the folder name parameter while creating the folder to manage the folder tab, filter tab, and forward mail tab...

5.8AI score0.00397EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/09/16 12:0 a.m.5 views

Webmin Usermin Cross-Site Scripting Vulnerability

Webmin Usermin is a web-based interface from Webmin Inc. It is used for webmail, password change, mail filters, fetchmail, and more. A cross-site scripting vulnerability exists in Webmin Usermin version 2.000. A remote attacker can use this vulnerability to inject arbitrary web script or HTML via...

5.4CVSS6AI score0.00397EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2023/09/15 1:15 a.m.4 views

CVE-2023-40986

A stored cross-site scripting XSS vulnerability in the Usermin Configuration function of Webmin v2.100 allows attackers to execute arbitrary web sripts or HTML via a crafted payload injected into the Custom field...

5.4CVSS5.9AI score0.00415EPSS
Exploits1References3
NVD
NVD
added 2023/09/15 1:15 a.m.35 views

CVE-2023-40986

A stored cross-site scripting XSS vulnerability in the Usermin Configuration function of Webmin v2.100 allows attackers to execute arbitrary web sripts or HTML via a crafted payload injected into the Custom field...

5.4CVSS5.3AI score0.00415EPSS
Exploits1References2
OSV
OSV
added 2023/09/15 1:15 a.m.30 views

CVE-2023-40986

A stored cross-site scripting XSS vulnerability in the Usermin Configuration function of Webmin v2.100 allows attackers to execute arbitrary web sripts or HTML via a crafted payload injected into the Custom field...

5.4CVSS5.7AI score0.00415EPSS
Exploits1References2
Prion
Prion
added 2023/09/15 1:15 a.m.22 views

Cross site scripting

A stored cross-site scripting XSS vulnerability in the Usermin Configuration function of Webmin v2.100 allows attackers to execute arbitrary web sripts or HTML via a crafted payload injected into the Custom field...

4.9CVSS5.3AI score0.00415EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/09/15 12:0 a.m.38 views

CVE-2023-40986

A stored cross-site scripting XSS vulnerability in the Usermin Configuration function of Webmin v2.100 allows attackers to execute arbitrary web sripts or HTML via a crafted payload injected into the Custom field...

5.4AI score0.00415EPSS
Exploits1References2
CVE
CVE
added 2023/09/15 12:0 a.m.46 views

CVE-2023-40986

CVE-2023-40986 concerns a stored XSS in the Usermin Configuration function of Webmin v2.100, triggered by a crafted payload in the Custom field that can cause arbitrary web scripts/HTML execution. The connected sources (Red Hat advisory, CVE records, Nessus/DSS descriptions, and CVE lists) consis...

5.4CVSS5.2AI score0.00415EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/09/15 12:0 a.m.5 views

PT-2023-27832 · Usermin · Usermin

Name of the Vulnerable Software and Affected Versions: Usermin version 2.000 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the folder name parameter while creating a folder. This affects the management of the folder tab, filter tab, and forward mail tab...

5.4CVSS5.7AI score0.00397EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/09/15 12:0 a.m.13 views

CVE-2023-40986

A stored cross-site scripting XSS vulnerability in the Usermin Configuration function of Webmin v2.100 allows attackers to execute arbitrary web sripts or HTML via a crafted payload injected into the Custom field...

5.5AI score0.00415EPSS
Exploits1References2
NVD
NVD
added 2023/09/14 9:15 p.m.27 views

CVE-2023-41160

A Stored Cross-Site Scripting XSS vulnerability in the SSH configuration tab in Usermin 2.001 allows remote attackers to inject arbitrary web script or HTML via the key name field while adding an authorized key...

5.4CVSS5.2AI score0.00475EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/09/14 9:15 p.m.4 views

CVE-2023-41159

A Stored Cross-Site Scripting XSS vulnerability while editing the autoreply file page in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML by editing the forward file manually...

5.4CVSS5.9AI score0.00421EPSS
Exploits0References3
OSV
OSV
added 2023/09/14 9:15 p.m.28 views

CVE-2023-41159

A Stored Cross-Site Scripting XSS vulnerability while editing the autoreply file page in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML by editing the forward file manually...

5.4CVSS5.6AI score0.00421EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/09/14 9:15 p.m.8 views

CVE-2023-41160

A Stored Cross-Site Scripting XSS vulnerability in the SSH configuration tab in Usermin 2.001 allows remote attackers to inject arbitrary web script or HTML via the key name field while adding an authorized key...

5.4CVSS6AI score0.00475EPSS
Exploits1References3
Rows per page
Query Builder