Lucene search
K

93 matches found

CVE
CVE
added 2024/09/04 12:0 a.m.84 views

CVE-2024-45692

CVE-2024-45692 affects Webmin prior to 2.202 and Virtualmin prior to 7.20.2. The issue is a network traffic loop caused by spoofed UDP packets to port 10000, leading to denial of service. Public sources in connected docs confirm affected versions and the root cause (unreachable exit condition loo...

7.5CVSS6.7AI score0.00623EPSS
Exploits0References3Affected Software2
Positive Technologies
Positive Technologies
added 2024/09/04 12:0 a.m.6 views

PT-2024-6378 · Webmin +2 · Webmin +2

Name of the Vulnerable Software and Affected Versions: Webmin versions prior to 2.202 Virtualmin versions prior to 7.20.2 Description: The issue is related to a network traffic loop via spoofed UDP packets on port 10000, which can cause a denial of service. This problem is associated with an...

7.8CVSS7.2AI score0.00623EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2024/03/19 12:0 a.m.6 views

PT-2024-2233 · Broadcom +2 · Broadcom +2

Name of the Vulnerable Software and Affected Versions: Webmin/Virtualmin versions affected versions not specified Broadcom affected versions not specified Microsoft affected versions not specified MikroTik affected versions not specified Description: The issue is related to implementations of UDP...

7.8CVSS6.8AI score0.05397EPSS
Exploits0References40
OSV
OSV
added 2023/11/01 12:15 a.m.7 views

CVE-2023-47095

A Stored Cross-Site Scripting XSS vulnerability in the Custom fields of Edit Virtual Server under System Customization in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Batch Label field while details of Virtual Server...

5.4CVSS5.9AI score0.00441EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/11/01 12:15 a.m.5 views

CVE-2023-47094

A Stored Cross-Site Scripting XSS vulnerability in the Account Plans tab of System Settings in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Plan name field while editing Account plan details...

5.4CVSS5.9AI score0.00441EPSS
Exploits1References2
OSV
OSV
added 2023/11/01 12:15 a.m.5 views

CVE-2023-47097

A Stored Cross-Site Scripting XSS vulnerability in the Server Template under System Setting in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Template name field while creating server templates...

5.4CVSS5.9AI score0.00407EPSS
Exploits1References1
OSV
OSV
added 2023/11/01 12:15 a.m.5 views

CVE-2023-47099

A Stored Cross-Site Scripting XSS vulnerability in the Create Virtual Server in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via Description field while creating the Virtual server...

5.4CVSS5.9AI score0.00441EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/11/01 12:15 a.m.6 views

CVE-2023-47098

A Stored Cross-Site Scripting XSS vulnerability in the Manage Extra Admins under Administration Options in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the real name or description field...

4.8CVSS5.9AI score0.00451EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/11/01 12:15 a.m.5 views

CVE-2023-47095

A Stored Cross-Site Scripting XSS vulnerability in the Custom fields of Edit Virtual Server under System Customization in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Batch Label field while details of Virtual Server...

5.4CVSS5.9AI score0.00441EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/11/01 12:15 a.m.3 views

CVE-2023-47097

A Stored Cross-Site Scripting XSS vulnerability in the Server Template under System Setting in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Template name field while creating server templates...

5.4CVSS5.9AI score0.00407EPSS
Exploits1References2
OSV
OSV
added 2023/11/01 12:15 a.m.5 views

CVE-2023-47096

A Reflected Cross-Site Scripting XSS vulnerability in the Cloudmin Services Client under System Setting in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Cloudmin services master field...

5.4CVSS5.9AI score0.00407EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/11/01 12:15 a.m.4 views

CVE-2023-47096

A Reflected Cross-Site Scripting XSS vulnerability in the Cloudmin Services Client under System Setting in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Cloudmin services master field...

5.4CVSS5.9AI score0.00407EPSS
Exploits1References2
OSV
OSV
added 2023/11/01 12:15 a.m.3 views

CVE-2023-47098

A Stored Cross-Site Scripting XSS vulnerability in the Manage Extra Admins under Administration Options in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the real name or description field...

4.8CVSS5.9AI score0.00451EPSS
Exploits1References1
OSV
OSV
added 2023/11/01 12:15 a.m.6 views

CVE-2023-47094

A Stored Cross-Site Scripting XSS vulnerability in the Account Plans tab of System Settings in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Plan name field while editing Account plan details...

5.4CVSS5.9AI score0.00441EPSS
Exploits1References1
NVD
NVD
added 2023/11/01 12:15 a.m.29 views

CVE-2023-47099

A Stored Cross-Site Scripting XSS vulnerability in the Create Virtual Server in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via Description field while creating the Virtual server...

5.4CVSS5.2AI score0.00441EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/11/01 12:15 a.m.5 views

CVE-2023-47099

A Stored Cross-Site Scripting XSS vulnerability in the Create Virtual Server in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via Description field while creating the Virtual server...

5.4CVSS5.9AI score0.00441EPSS
Exploits1References2
Prion
Prion
added 2023/11/01 12:15 a.m.19 views

Cross site scripting

A Stored Cross-Site Scripting XSS vulnerability in the Manage Extra Admins under Administration Options in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the real name or description field...

4.3CVSS4.9AI score0.00451EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2023/10/31 12:0 a.m.68 views

CVE-2023-47099

CVE-2023-47099 is a stored XSS in Virtualmin’s Create Virtual Server feature affecting Virtualmin 7.7. The vulnerability stems from insufficient sanitization of the Description field during Virtual Server creation, allowing remote attackers to inject arbitrary script/HTML. Impact is XSS in the se...

5.4CVSS5.2AI score0.00441EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/31 12:0 a.m.11 views

CVE-2023-47098

A Stored Cross-Site Scripting XSS vulnerability in the Manage Extra Admins under Administration Options in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the real name or description field...

5.5AI score0.00451EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/10/31 12:0 a.m.10 views

CVE-2023-47099

A Stored Cross-Site Scripting XSS vulnerability in the Create Virtual Server in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via Description field while creating the Virtual server...

5.5AI score0.00441EPSS
Exploits1References1
Rows per page
Query Builder