📦 Webmin

CVE-2022-36446 is a command injection vulnerability in Webmin's apt-lib.pl module that allows remote attackers to execute arbitrary commands on affected systems. The vulnerability affects Webmin insta...

This Cross-Site Scripting (XSS) vulnerability in Webmin 1.973 allows attackers to inject malicious scripts via the Scheduled Cron Jobs feature. When exploited, it enables session hijacking, credential...

CVE-2021-31761 is a reflected cross-site scripting (XSS) vulnerability in Webmin 1.973 that can be exploited to achieve remote command execution through Webmin's running process feature. Attackers can...

CVE-2020-35769 is a critical vulnerability in Webmin's miniserv.pl CGI handler on Windows that allows remote code execution through improper handling of special characters in query arguments. Attacker...

Webmin 2.510 has a Host Header Injection vulnerability in the password reset functionality that allows attackers to manipulate password reset emails. By injecting a malicious domain via the HTTP Host ...

This vulnerability allows authenticated remote attackers to execute arbitrary commands as root on vulnerable Webmin installations. Attackers can inject malicious commands through CGI requests, leading...

This vulnerability allows attackers to create a network traffic loop via spoofed UDP packets on port 10000, causing denial of service. It affects Webmin and Virtualmin installations before specific ve...

This vulnerability in Webmin's ajaxterm module allows unauthorized users to hijack console sessions when insufficient permissions are improperly handled. It affects Webmin versions prior to 2.003, pot...

This CSRF vulnerability in Webmin 1.973 allows attackers to trick authenticated administrators into performing unauthorized file uploads or downloads via the Upload and Download feature. Attackers can...

This CSRF vulnerability in Webmin's File Manager allows attackers to trick authenticated administrators into performing unauthorized file operations. It affects Webmin versions 1.973 and potentially e...

This vulnerability in Webmin allows attackers to bypass access controls and execute arbitrary code remotely on affected systems. It affects Webmin installations prior to version 1.990, potentially com...

This is a cross-site scripting (XSS) vulnerability in Webmin and Usermin's session_login.cgi that allows attackers to inject malicious scripts. When exploited, these scripts execute in victims' browse...