93 matches found
CVE-2024-45692
CVE-2024-45692 affects Webmin prior to 2.202 and Virtualmin prior to 7.20.2. The issue is a network traffic loop caused by spoofed UDP packets to port 10000, leading to denial of service. Public sources in connected docs confirm affected versions and the root cause (unreachable exit condition loo...
PT-2024-6378 · Webmin +2 · Webmin +2
Name of the Vulnerable Software and Affected Versions: Webmin versions prior to 2.202 Virtualmin versions prior to 7.20.2 Description: The issue is related to a network traffic loop via spoofed UDP packets on port 10000, which can cause a denial of service. This problem is associated with an...
PT-2024-2233 · Broadcom +2 · Broadcom +2
Name of the Vulnerable Software and Affected Versions: Webmin/Virtualmin versions affected versions not specified Broadcom affected versions not specified Microsoft affected versions not specified MikroTik affected versions not specified Description: The issue is related to implementations of UDP...
CVE-2023-47095
A Stored Cross-Site Scripting XSS vulnerability in the Custom fields of Edit Virtual Server under System Customization in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Batch Label field while details of Virtual Server...
CVE-2023-47094
A Stored Cross-Site Scripting XSS vulnerability in the Account Plans tab of System Settings in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Plan name field while editing Account plan details...
CVE-2023-47097
A Stored Cross-Site Scripting XSS vulnerability in the Server Template under System Setting in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Template name field while creating server templates...
CVE-2023-47099
A Stored Cross-Site Scripting XSS vulnerability in the Create Virtual Server in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via Description field while creating the Virtual server...
CVE-2023-47098
A Stored Cross-Site Scripting XSS vulnerability in the Manage Extra Admins under Administration Options in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the real name or description field...
CVE-2023-47095
A Stored Cross-Site Scripting XSS vulnerability in the Custom fields of Edit Virtual Server under System Customization in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Batch Label field while details of Virtual Server...
CVE-2023-47097
A Stored Cross-Site Scripting XSS vulnerability in the Server Template under System Setting in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Template name field while creating server templates...
CVE-2023-47096
A Reflected Cross-Site Scripting XSS vulnerability in the Cloudmin Services Client under System Setting in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Cloudmin services master field...
CVE-2023-47096
A Reflected Cross-Site Scripting XSS vulnerability in the Cloudmin Services Client under System Setting in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Cloudmin services master field...
CVE-2023-47098
A Stored Cross-Site Scripting XSS vulnerability in the Manage Extra Admins under Administration Options in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the real name or description field...
CVE-2023-47094
A Stored Cross-Site Scripting XSS vulnerability in the Account Plans tab of System Settings in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Plan name field while editing Account plan details...
CVE-2023-47099
A Stored Cross-Site Scripting XSS vulnerability in the Create Virtual Server in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via Description field while creating the Virtual server...
CVE-2023-47099
A Stored Cross-Site Scripting XSS vulnerability in the Create Virtual Server in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via Description field while creating the Virtual server...
Cross site scripting
A Stored Cross-Site Scripting XSS vulnerability in the Manage Extra Admins under Administration Options in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the real name or description field...
CVE-2023-47099
CVE-2023-47099 is a stored XSS in Virtualmin’s Create Virtual Server feature affecting Virtualmin 7.7. The vulnerability stems from insufficient sanitization of the Description field during Virtual Server creation, allowing remote attackers to inject arbitrary script/HTML. Impact is XSS in the se...
CVE-2023-47098
A Stored Cross-Site Scripting XSS vulnerability in the Manage Extra Admins under Administration Options in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the real name or description field...
CVE-2023-47099
A Stored Cross-Site Scripting XSS vulnerability in the Create Virtual Server in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via Description field while creating the Virtual server...