The Printer Administration module for Webmin 0.990 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the printer name.
CVSS Score
10.0
EPSS Score
0.019
Published
2002-12-31
The RPC module in Webmin 0.21 through 0.99, when installed without root or admin privileges, allows remote attackers to read and write to arbitrary files and execute arbitrary commands via remote_foreign_require and remote_foreign_call requests.
CVSS Score
9.3
EPSS Score
0.034
Published
2002-12-31
run.cgi in Webmin 0.80 and 0.88 creates temporary files with world-writable permissions, which allows local users to execute arbitrary commands.
CVSS Score
4.6
EPSS Score
0.0
Published
2001-12-31
Webmin 0.84 and earlier does not properly clear the HTTP_AUTHORIZATION environment variable when the web server is restarted, which makes authentication information available to all CGI programs and allows local users to gain privileges.
CVSS Score
7.2
EPSS Score
0.0
Published
2001-05-28
Page 5