2 matches found
CVE-2017-15645
CSRF exists in Webmin 1.850. By sending a GET request to at/createjob.cgi containing dir=/= in the URI, an attacker to execute arbitrary commands...
CVE-2017-15645
CVE-2017-15645 : Webmin 1.850 is vulnerable to CSRF via a crafted GET request to at/create_job.cgi containing dir=/&cmd= in the URI, enabling an attacker to execute arbitrary commands. Multiple connected sources corroborate the vulnerability, including Red Hat and CVE registries; the attack vecto...