Shodan
Vulnerabilities
Vulnerable Software
Webmin:  Security Vulnerabilities
CVE-2023-41162
A Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the file mask field while searching under the tools drop down.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-09-13
CVE-2023-41152
A Stored Cross-Site Scripting (XSS) vulnerability in the MIME type programs tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the handle program field while creating a new MIME type program.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-09-13
CVE-2023-41154
A Stored Cross-Site Scripting (XSS) vulnerability in the scheduled cron jobs tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the value field parameter while creating a new environment variable.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-09-13
CVE-2023-41155
A Stored Cross-Site Scripting (XSS) vulnerability in the mail forwarding and replies tab in Webmin and Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the forward to field while creating a mail forwarding rule.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-09-13
CVE-2023-41158
A Stored Cross-Site Scripting (XSS) vulnerability in the MIME type programs tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the description field while creating a new MIME type program.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-09-13
CVE-2023-41161
Multiple stored cross-site scripting (XSS) vulnerabilities in Usermin 2.000 allow remote attackers to inject arbitrary web script or HTML via the key comment to different pages such as public key details, Export key, sign key, send to key server page, and fetch from key server page tab.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-09-07
CVE-2023-41163
A Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the replace in results field while replacing the results under the tools drop down.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-08-30
CVE-2023-41153
A Stored Cross-Site Scripting (XSS) vulnerability in the SSH configuration tab in Usermin 2.001 allows remote attackers to inject arbitrary web script or HTML via options for the host value while editing the host options.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-08-29
CVE-2023-38303
An issue was discovered in Webmin 2.021. One can exploit a stored Cross-Site Scripting (XSS) attack to achieve Remote Command Execution (RCE) through the Users and Group's real name parameter.
CVSS Score
5.4
EPSS Score
0.002
Published
2023-07-31
CVE-2023-38304
An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the Users and Groups functionality, allowing an attacker to store a malicious payload in the Group Name field when creating a new group.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-07-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved