A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the File Manager feature.
CVSS Score
6.1
EPSS Score
0.081
Published
2022-04-11
A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager feature.
CVSS Score
8.8
EPSS Score
0.08
Published
2022-04-11
Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990.
CVSS Score
8.3
EPSS Score
0.94
Published
2022-03-02
Improper Authorization in GitHub repository webmin/webmin prior to 1.990.
CVSS Score
5.4
EPSS Score
0.003
Published
2022-03-02
Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to achieve Remote Command Execution (RCE) through Webmin's running process feature.
CVSS Score
8.8
EPSS Score
0.399
Published
2021-04-25
Webmin 1.973 is affected by reflected Cross Site Scripting (XSS) to achieve Remote Command Execution through Webmin's running process feature.
CVSS Score
9.6
EPSS Score
0.819
Published
2021-04-25
Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privileged user through Webmin's add users feature, and then get a reverse shell through Webmin's running process feature.
CVSS Score
8.8
EPSS Score
0.227
Published
2021-04-25
Page 2