Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:14 a.m.8 views

CVE-2018-8712

An issue was discovered in Webmin 1.840 and 1.880 when the default Yes setting of "Can view any file as a log file" is enabled. As a result of weak default configuration settings, limited users have full access rights to the underlying Unix system files, allowing the user to read sensitive data...

9.8CVSS6.4AI score0.01828EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/03/22 12:0 a.m.288 views

Webmin 1.840 / 1.880 Local File Inclusion Vulnerability

According to its self-reported version, the Webmin install hosted on the remote host is 1.840 or 1.880. It is, therefore, affected by a local file inclusion vulnerability. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid108563; scriptversion"1.3"; scriptcvsdate"Date:...

9.8CVSS8.4AI score0.01828EPSS
Exploits0References2
OSV
OSV
added 2018/03/14 7:29 p.m.28 views

CVE-2018-8712

An issue was discovered in Webmin 1.840 and 1.880 when the default Yes setting of "Can view any file as a log file" is enabled. As a result of weak default configuration settings, limited users have full access rights to the underlying Unix system files, allowing the user to read sensitive data...

9.8CVSS6.6AI score
Exploits0References1
CVE
CVE
added 2018/03/14 7:0 p.m.98 views

CVE-2018-8712

Webmin 1.840/1.880 expose a Local File Inclusion flaw due to weak default config: enabling "Can view any file as a log file" lets non-privileged users read sensitive local files (e.g., /etc/shadow) via GET /syslog/save_log.cgi?view=1&file=/etc/shadow. Root cause: default settings grant access to ...

9.8CVSS8.8AI score0.01828EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder