4 matches found
CVE-2020-35606
Arbitrary command execution can occur in Webmin through 1.962. Any user authorized for the Package Updates module can execute arbitrary commands with root privileges via vectors involving %0A and %0C. NOTE: this issue exists because of an incomplete fix for CVE-2019-12840...
CVE-2002-2201
The Printer Administration module for Webmin 0.990 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the printer name...
Webmin - Brute Force Command Execution
Webmin - Brute Force Command Execution !/usr/bin/perl Webmin BruteForce + Command execution - By Di42lo usage ./bruteforce.webmin.pl ./bruteforce.webmin.pl 192.168.0.5 "uptime" + BruteForcing... + trying to enter with: admim + trying to enter with: admin + Found SID :...
Webmin 1.x - HTML Email Command Execution
Webmin 1.x - HTML Email Command Execution source: https://www.securityfocus.com/bid/11122/info Webmin / Usermin are reportedly affected by a command execution vulnerability when rendering HTML email messages. This issue is due to a failure to sanitize HTML email messages and may allow an attacker...