Lucene search
K

1357 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:29 p.m.5 views

CVE-2023-40986

A stored cross-site scripting XSS vulnerability in the Usermin Configuration function of Webmin v2.100 allows attackers to execute arbitrary web sripts or HTML via a crafted payload injected into the Custom field...

5.4CVSS5.6AI score0.00415EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:40 a.m.5 views

CVE-2001-1530

run.cgi in Webmin 0.80 and 0.88 creates temporary files with world-writable permissions, which allows local users to execute arbitrary commands...

4.6CVSS7.4AI score0.004EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:23 a.m.6 views

CVE-2021-31760

Webmin 1.973 is affected by Cross Site Request Forgery CSRF to achieve Remote Command Execution RCE through Webmin's running process feature...

8.8CVSS7.3AI score0.08516EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:12 a.m.9 views

CVE-2022-0829

Improper Authorization in GitHub repository webmin/webmin prior to 1.990...

8.1CVSS6.7AI score0.01275EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:41 a.m.10 views

CVE-2022-0824

Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990...

9CVSS7.3AI score0.96977EPSS
Exploits13References1
GithubExploit
GithubExploit
added 2026/01/08 11:51 a.m.239 views

Exploit for Improper Privilege Management in Webmin

CVE-2019-9624 Authenticated RCE for Webmin 1.9.0 Webmin 1.9...

7.8CVSS8.3AI score0.23689EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2026/01/07 9:29 a.m.15 views

CVE-2019-12840

In Webmin through 1.910, any user authorized to the "Package Updates" module can execute arbitrary commands with root privileges via the data parameter to update.cgi...

9CVSS7.6AI score0.77813EPSS
Exploits9References1
GithubExploit
GithubExploit
added 2025/12/27 4:38 p.m.173 views

Exploit for Generation of Error Message Containing Sensitive Information in Webmin Usermin

No d...

5.3CVSS7AI score0.02621EPSS
Exploits5
RedhatCVE
RedhatCVE
added 2025/12/12 7:16 a.m.5 views

CVE-2025-67738

squid/cachemgr.cgi in Webmin before 2.600 does not properly quote arguments. This is relevant if Webmin's Squid module and its Cache Manager feature are available, and an untrusted party is able to authenticate to Webmin and has certain Cache Manager permissions the "cms" security option...

8.5CVSS6.9AI score0.00306EPSS
Exploits0References1
NVD
NVD
added 2025/12/11 7:16 a.m.7 views

CVE-2025-67738

squid/cachemgr.cgi in Webmin before 2.600 does not properly quote arguments. This is relevant if Webmin's Squid module and its Cache Manager feature are available, and an untrusted party is able to authenticate to Webmin and has certain Cache Manager permissions the "cms" security option...

8.5CVSS0.00306EPSS
Exploits0References3
OSV
OSV
added 2025/12/11 7:16 a.m.7 views

CVE-2025-67738

squid/cachemgr.cgi in Webmin before 2.600 does not properly quote arguments. This is relevant if Webmin's Squid module and its Cache Manager feature are available, and an untrusted party is able to authenticate to Webmin and has certain Cache Manager permissions the "cms" security option...

8.5CVSS6.8AI score0.00306EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/11 6:34 a.m.31 views

CVE-2025-67738

squid/cachemgr.cgi in Webmin before 2.600 does not properly quote arguments. This is relevant if Webmin's Squid module and its Cache Manager feature are available, and an untrusted party is able to authenticate to Webmin and has certain Cache Manager permissions the "cms" security option...

8.5CVSS0.00306EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/11 6:34 a.m.5 views

EUVD-2025-202665

squid/cachemgr.cgi in Webmin before 2.600 does not properly quote arguments. This is relevant if Webmin's Squid module and its Cache Manager feature are available, and an untrusted party is able to authenticate to Webmin and has certain Cache Manager permissions the "cms" security option...

8.5CVSS6.4AI score0.00306EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/11 6:34 a.m.5 views

CVE-2025-67738

squid/cachemgr.cgi in Webmin before 2.600 does not properly quote arguments. This is relevant if Webmin's Squid module and its Cache Manager feature are available, and an untrusted party is able to authenticate to Webmin and has certain Cache Manager permissions the "cms" security option...

8.5CVSS6.5AI score0.00306EPSS
Exploits0References3
CVE
CVE
added 2025/12/11 6:34 a.m.29 views

CVE-2025-67738

CVE-2025-67738 affects Webmin prior to 2.600. The issue resides in squid/cachemgr.cgi where arguments are not properly quoted, applicable when Webmin’s Squid module and its Cache Manager feature are enabled and an untrusted, authenticated user holds certain Cache Manager permissions (the cms opti...

8.5CVSS6.5AI score0.00306EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.8 views

PT-2025-50582

Name of the Vulnerable Software and Affected Versions Webmin versions prior to 2.600 Description The application does not properly handle arguments within the cachemgr.cgi script when the Squid module and its Cache Manager feature are enabled. This issue arises if an unauthorized user gains acces...

8.5CVSS6.5AI score0.00306EPSS
Exploits0References15
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.3 views

Webmin 操作系统命令注入漏洞

Webmin is a set of Web-based system administration tools for use in Unix-like operating systems from the Webmin community. An operating system command injection vulnerability exists in versions of Webmin prior to 2.600, which stems from an incorrectly referenced parameter and could lead to securi...

8.5CVSS7.2AI score0.00306EPSS
Exploits0References2
Redos
Redos
added 2025/11/13 12:0 a.m.5 views

ROS-20251113-02

The Webmin hosting control panel vulnerability involves manipulating the Host header to inject a malicious domain into a password reset email. malicious domain in a password reset link email. Exploitation of the vulnerability could allow an attacker acting remotely to intercept the password reset...

7.1CVSS7.1AI score0.00416EPSS
Exploits1
Redos
Redos
added 2025/11/05 12:0 a.m.4 views

ROS-20251105-05

Vulnerability of passwordchange.cgi script of Webmin hosting control panel and web-interface for unix-like systems Usermin is related to flaws in error reporting mechanism. unix-like systems Usermin is related to a flaw in the error reporting mechanism. Exploitation of the vulnerability could all...

5.3CVSS6.9AI score0.02621EPSS
Exploits5
Redos
Redos
added 2025/10/28 12:0 a.m.11 views

ROS-20251028-01

A vulnerability in the Webmin hosting control panel CGI request handler is associated with errors in processing input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code with root privileges...

9.9CVSS7.1AI score0.32018EPSS
Exploits0
Rows per page
Query Builder