Lucene search
K

1357 matches found

RedhatCVE
RedhatCVE
added 2025/10/17 2:52 p.m.6 views

CVE-2025-61541

Webmin 2.510 is vulnerable to a Host Header Injection in the password reset functionality forgotsend.cgi. The reset link sent to users is constructed using the HTTP Host header via getwebminemailurl. An attacker can manipulate the Host header to inject a malicious domain into the reset email. If ...

7.1CVSS7.4AI score0.00416EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/16 3:30 p.m.5 views

EUVD-2025-34767

Webmin 2.510 is vulnerable to a Host Header Injection in the password reset functionality forgotsend.cgi. The reset link sent to users is constructed using the HTTP Host header via getwebminemailurl. An attacker can manipulate the Host header to inject a malicious domain into the reset email. If ...

7.1CVSS6.9AI score0.00416EPSS
Exploits1References5
OSV
OSV
added 2025/10/16 3:15 p.m.7 views

CVE-2025-61541

Webmin 2.510 is vulnerable to a Host Header Injection in the password reset functionality forgotsend.cgi. The reset link sent to users is constructed using the HTTP Host header via getwebminemailurl. An attacker can manipulate the Host header to inject a malicious domain into the reset email. If ...

7.1CVSS7.5AI score0.00416EPSS
Exploits1References3
NVD
NVD
added 2025/10/16 3:15 p.m.8 views

CVE-2025-61541

Webmin 2.510 is vulnerable to a Host Header Injection in the password reset functionality forgotsend.cgi. The reset link sent to users is constructed using the HTTP Host header via getwebminemailurl. An attacker can manipulate the Host header to inject a malicious domain into the reset email. If ...

7.1CVSS0.00416EPSS
Exploits1References3
CVE
CVE
added 2025/10/16 12:0 a.m.24 views

CVE-2025-61541

Webmin 2.510 is affected by CVE-2025-61541 due to a Host Header Injection in forgot_send.cgi. The reset link is constructed using the HTTP Host header via get_webmin_email_url(), allowing an attacker to inject a malicious domain into the password reset email. If a victim clicks the poisoned link,...

7.1CVSS7AI score0.00416EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2025/10/16 12:0 a.m.9 views

CVE-2025-61541

Webmin 2.510 is vulnerable to a Host Header Injection in the password reset functionality forgotsend.cgi. The reset link sent to users is constructed using the HTTP Host header via getwebminemailurl. An attacker can manipulate the Host header to inject a malicious domain into the reset email. If ...

0.00416EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/10/16 12:0 a.m.3 views

CVE-2025-61541

Webmin 2.510 is vulnerable to a Host Header Injection in the password reset functionality forgotsend.cgi. The reset link sent to users is constructed using the HTTP Host header via getwebminemailurl. An attacker can manipulate the Host header to inject a malicious domain into the reset email. If ...

7AI score0.00416EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/10/16 12:0 a.m.3 views

Webmin 安全漏洞

Webmin is a set of Web-based system administration tools for use in Unix-like operating systems from the Webmin community. A security vulnerability exists in Webmin version 2.510, which stems from an unvalidated HTTP Host header in the password reset function, which could allow an attacker to...

7.1CVSS6.7AI score0.00416EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2025/10/11 9:2 p.m.59 views

PoC_Webmin

...

7.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/10/11 12:0 a.m.4 views

PT-2025-42477

Name of the Vulnerable Software and Affected Versions Webmin version 2.510 Description Webmin version 2.510 has a flaw in the password reset functionality forgot send.cgi. The reset link sent to users is created using the HTTP Host header through the get webmin email url function. An attacker can...

8.5CVSS6.6AI score0.00416EPSS
Exploits1References15
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2011-5221

Malware in sbrugna...

10CVSS9.2AI score0.01679EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-0730

Malware in sbrugna...

4.3CVSS6.4AI score0.01223EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2012-4818

Malware in sbrugna...

6.8CVSS6.2AI score0.00847EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-20323

Malware in sbrugna...

9.8CVSS9.3AI score0.01828EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2001-1055

Malware in sbrugna...

7.2CVSS6.4AI score0.00514EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2014-3861

Malware in sbrugna...

4.3CVSS6.1AI score0.01357EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-4530

Malware in sbrugna...

6.8CVSS6.1AI score0.0297EPSS
Exploits0References18
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2002-1654

Malware in sbrugna...

3.6CVSS6.4AI score0.0079EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-2124

Malware in sbrugna...

9CVSS6.4AI score0.02207EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-11289

Malware in sbrugna...

6.1CVSS6.1AI score0.01739EPSS
Exploits0References4
Rows per page
Query Builder