Webmin 1.973

CPE Details

Webmin 1.973
webmin
webmin
1.973
2021-04-26
22h17 +00:00
2021-08-13
16h22 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:webmin:webmin:1.973:*:*:*:*:*:*:*

Informations

Vendor

webmin

Product

webmin

Version

1.973

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-45692 2024-09-03 22h00 +00:00 Webmin before 2.202 and Virtualmin before 7.20.2 allow a network traffic loop via spoofed UDP packets on port 10000.
7.5
Haute
CVE-2023-52046 2024-01-24 23h00 +00:00 Cross Site Scripting vulnerability (XSS) in webmin v.2.105 and earlier allows a remote attacker to execute arbitrary code via a crafted payload to the "Execute cron job as" tab Input field.
4.8
Moyen
CVE-2023-43309 2023-09-20 22h00 +00:00 There is a stored cross-site scripting (XSS) vulnerability in Webmin 2.002 and below via the Cluster Cron Job tab Input field, which allows attackers to run malicious scripts by injecting a specially crafted payload.
4.8
Moyen
CVE-2022-36446 2022-07-25 03h56 +00:00 software/apt-lib.pl in Webmin before 1.997 lacks HTML escaping for a UI command.
9.8
Critique
CVE-2022-30708 2022-05-15 00h30 +00:00 Webmin through 1.991, when the Authentic theme is used, allows remote code execution when a user has been manually created (i.e., not created in Virtualmin or Cloudmin). This occurs because settings-editor_write.cgi does not properly restrict the file parameter.
8.8
Haute
CVE-2021-32162 2022-04-11 03h46 +00:00 A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager feature.
8.8
Haute
CVE-2021-32161 2022-04-11 03h45 +00:00 A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the File Manager feature.
6.1
Moyen
CVE-2021-32160 2022-04-11 03h43 +00:00 A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the Add Users feature.
6.1
Moyen
CVE-2021-32159 2022-04-11 03h41 +00:00 A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Upload and Download feature.
8.8
Haute
CVE-2021-32158 2022-04-11 03h40 +00:00 A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Upload and Download feature.
6.1
Moyen
CVE-2021-32157 2022-04-11 03h38 +00:00 A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature.
9.6
Critique
CVE-2021-32156 2022-04-11 03h37 +00:00 A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature.
8.8
Haute
CVE-2022-0829 2022-03-02 11h10 +00:00 Improper Authorization in GitHub repository webmin/webmin prior to 1.990.
8.1
Haute
CVE-2022-0824 2022-03-01 23h00 +00:00 Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990.
8.8
Haute
CVE-2021-31762 2021-04-25 16h32 +00:00 Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privileged user through Webmin's add users feature, and then get a reverse shell through Webmin's running process feature.
8.8
Haute
CVE-2021-31761 2021-04-25 16h30 +00:00 Webmin 1.973 is affected by reflected Cross Site Scripting (XSS) to achieve Remote Command Execution through Webmin's running process feature.
9.6
Critique
CVE-2021-31760 2021-04-25 16h28 +00:00 Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to achieve Remote Command Execution (RCE) through Webmin's running process feature.
8.8
Haute