CVE-2023-38303

An issue was discovered in Webmin 2.021. One can exploit a stored Cross-Site Scripting XSS attack to achieve Remote Command Execution RCE through the Users and Group's real name parameter...

Webmin 跨站脚本漏洞

Webmin is a set of Web-based system administration tools for Unix-like operating systems from the Webmin community. A security vulnerability exists in Webmin version 2.021, which stems from a Reflected Cross-Site Scripting XSS vulnerability discovered in the Package Search feature. The...

PT-2023-4158 · Webmin +1 · Webmin +1

Name of the Vulnerable Software and Affected Versions: Webmin version 2.021 Description: A Reflected Cross-Site Scripting XSS issue was discovered in the package search functionality, allowing an attacker to inject a malicious payload in the Search for Package field. This payload gets reflected...

Webmin 跨站脚本漏洞

Webmin is a set of Web-based system administration tools for Unix-like operating systems from the Webmin community. A security vulnerability exists in Webmin version 2.021, which stems from a cross-site scripting XSS bypass vulnerability discovered in the file upload feature. Typically, the...

PT-2023-4160 · Webmin +1 · Webmin +1

Name of the Vulnerable Software and Affected Versions: Webmin version 2.021 Description: A Cross-site Scripting XSS Bypass vulnerability was discovered in the file upload functionality of Webmin. Normally, the application restricts the upload of certain file types such as .svg, .php, etc., and...

PT-2023-4159 · Webmin +1 · Webmin +1

Name of the Vulnerable Software and Affected Versions: Webmin version 2.021 Description: An issue was discovered in the download functionality, allowing an attacker to exploit a Cross-Site Scripting XSS vulnerability. By providing a crafted download path containing a malicious payload, an attacke...