1357 matches found
CVE-2025-61541
Webmin 2.510 is vulnerable to a Host Header Injection in the password reset functionality forgotsend.cgi. The reset link sent to users is constructed using the HTTP Host header via getwebminemailurl. An attacker can manipulate the Host header to inject a malicious domain into the reset email. If ...
EUVD-2025-34767
Webmin 2.510 is vulnerable to a Host Header Injection in the password reset functionality forgotsend.cgi. The reset link sent to users is constructed using the HTTP Host header via getwebminemailurl. An attacker can manipulate the Host header to inject a malicious domain into the reset email. If ...
CVE-2025-61541
Webmin 2.510 is vulnerable to a Host Header Injection in the password reset functionality forgotsend.cgi. The reset link sent to users is constructed using the HTTP Host header via getwebminemailurl. An attacker can manipulate the Host header to inject a malicious domain into the reset email. If ...
CVE-2025-61541
Webmin 2.510 is vulnerable to a Host Header Injection in the password reset functionality forgotsend.cgi. The reset link sent to users is constructed using the HTTP Host header via getwebminemailurl. An attacker can manipulate the Host header to inject a malicious domain into the reset email. If ...
CVE-2025-61541
Webmin 2.510 is affected by CVE-2025-61541 due to a Host Header Injection in forgot_send.cgi. The reset link is constructed using the HTTP Host header via get_webmin_email_url(), allowing an attacker to inject a malicious domain into the password reset email. If a victim clicks the poisoned link,...
CVE-2025-61541
Webmin 2.510 is vulnerable to a Host Header Injection in the password reset functionality forgotsend.cgi. The reset link sent to users is constructed using the HTTP Host header via getwebminemailurl. An attacker can manipulate the Host header to inject a malicious domain into the reset email. If ...
CVE-2025-61541
Webmin 2.510 is vulnerable to a Host Header Injection in the password reset functionality forgotsend.cgi. The reset link sent to users is constructed using the HTTP Host header via getwebminemailurl. An attacker can manipulate the Host header to inject a malicious domain into the reset email. If ...
Webmin 安全漏洞
Webmin is a set of Web-based system administration tools for use in Unix-like operating systems from the Webmin community. A security vulnerability exists in Webmin version 2.510, which stems from an unvalidated HTTP Host header in the password reset function, which could allow an attacker to...
PoC_Webmin
...
PT-2025-42477
Name of the Vulnerable Software and Affected Versions Webmin version 2.510 Description Webmin version 2.510 has a flaw in the password reset functionality forgot send.cgi. The reset link sent to users is created using the HTTP Host header through the get webmin email url function. An attacker can...
EUVD-2011-5221
Malware in sbrugna...
EUVD-2008-0730
Malware in sbrugna...
EUVD-2012-4818
Malware in sbrugna...
EUVD-2018-20323
Malware in sbrugna...
EUVD-2001-1055
Malware in sbrugna...
EUVD-2014-3861
Malware in sbrugna...
EUVD-2006-4530
Malware in sbrugna...
EUVD-2002-1654
Malware in sbrugna...
EUVD-2015-2124
Malware in sbrugna...
EUVD-2017-11289
Malware in sbrugna...