Lucene search
+L
GentooWebmin

5 matches found

CVE
CVE
added 2012/09/11 6:0 p.m.199 views

CVE-2012-2982

CVE-2012-2982 is a Webmin vulnerability affecting 1.590 and earlier in /file/show.cgi that allows an authenticated user to execute arbitrary commands via an invalid pathname (notably with a pipe). Public details include exploit modules and multiple advisories; remediation is upgrading Webmin to a...

6.5CVSS7.1AI score0.61925EPSS
Web
CVE
CVE
added 2012/09/11 6:0 p.m.176 views

CVE-2012-2983

Summary (CVE-2012-2983) : Webmin is affected by a directory/file-parameter traversal in the edit_html.cgi component on Webmin 1.590 and earlier. The root cause is the lack of an authorization check before displaying a file’s unedited contents, allowing remote attackers to read arbitrary files via...

5CVSS6.6AI score0.20456EPSS
Web
CVE
CVE
added 2012/09/11 6:0 p.m.70 views

CVE-2012-2981

Webmin versions 1.590 and earlier are vulnerable to remote authenticated code execution via a crafted file tied to the type (monitor type name) parameter. The CVE entry CVE-2012-2981 lists this as an arbitrary Perl code execution with CVSS v2 base score 6.0 (network, single authentication, partia...

6CVSS7.1AI score0.02117EPSS
CVE
CVE
added 2012/09/11 7:0 p.m.67 views

CVE-2012-4893

Webmin

6.8CVSS7.2AI score0.00847EPSS
CVE
CVE
added 2005/02/15 5:0 a.m.63 views

CVE-2005-0427

The CVE-2005-0427 issue affects Webmin on Gentoo (before 1.170-r3). The ebuild builds a tbz2 of Webmin that unintentionally includes the encrypted root password in miniserv.users, allowing a remote attacker to obtain and potentially crack the password. Gentoo GLSA 200502-12 documents this design ...

5CVSS6.7AI score0.02204EPSS