Summary
Detail | |||
---|---|---|---|
Vendor | Webmin | First view | 1999-12-31 |
Product | Webmin | Last view | 2024-01-25 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
4.8 | 2024-01-25 | CVE-2023-52046 | Cross Site Scripting vulnerability (XSS) in webmin v.2.105 and earlier allows a remote attacker to execute arbitrary code via a crafted payload to the "Execute cron job as" tab Input field. |
4.8 | 2023-09-21 | CVE-2023-43309 | There is a stored cross-site scripting (XSS) vulnerability in Webmin 2.002 and below via the Cluster Cron Job tab Input field, which allows attackers to run malicious scripts by injecting a specially crafted payload. |
5.4 | 2023-09-15 | CVE-2023-40986 | A stored cross-site scripting (XSS) vulnerability in the Usermin Configuration function of Webmin v2.100 allows attackers to execute arbitrary web sripts or HTML via a crafted payload injected into the Custom field. |
5.4 | 2023-09-15 | CVE-2023-40985 | An issue was discovered in Webmin 2.100. The File Manager functionality allows an attacker to exploit a Cross-Site Scripting (XSS) vulnerability. By providing a malicious payload, an attacker can inject arbitrary code, which is then executed within the context of the victim's browser when any file is searched/replaced. |
5.4 | 2023-09-15 | CVE-2023-40984 | A reflected cross-site scripting (XSS) vulnerability in the File Manager function of Webmin v2.100 allows attackers to execute malicious scripts via injecting a crafted payload into the Replace in Results file. |
6.1 | 2023-09-15 | CVE-2023-40983 | A reflected cross-site scripting (XSS) vulnerability in the File Manager function of Webmin v2.100 allows attackers to execute malicious scripts via injecting a crafted payload into the Find in Results file. |
5.4 | 2023-09-15 | CVE-2023-40982 | A stored cross-site scripting (XSS) vulnerability in Webmin v2.100 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cloned module name parameter. |
5.4 | 2023-09-13 | CVE-2023-41155 | A Stored Cross-Site Scripting (XSS) vulnerability in the mail forwarding and replies tab in Webmin and Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the forward to field while creating a mail forwarding rule. |
6.1 | 2023-08-30 | CVE-2023-41163 | A Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the replace in results field while replacing the results under the tools drop down. |
5.4 | 2023-07-31 | CVE-2023-38311 | An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the System Logs Viewer functionality. The vulnerability allows an attacker to store a malicious payload in the configuration field, triggering the execution of the payload when saving the configuration or when accessing the System Logs Viewer page. |
5.4 | 2023-07-31 | CVE-2023-38310 | An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the configuration settings of the system logs functionality. The vulnerability allows an attacker to store an XSS payload in the configuration settings of specific log files. This results in the execution of that payload whenever the affected log files are accessed. |
6.1 | 2023-07-31 | CVE-2023-38309 | An issue was discovered in Webmin 2.021. A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the package search functionality. The vulnerability allows an attacker to inject a malicious payload in the "Search for Package" field, which gets reflected back in the application's response, leading to the execution of arbitrary JavaScript code within the context of the victim's browser. |
6.1 | 2023-07-31 | CVE-2023-38308 | An issue was discovered in Webmin 2.021. A Cross-Site Scripting (XSS) vulnerability was discovered in the HTTP Tunnel functionality when handling third-party domain URLs. By providing a crafted URL from a third-party domain, an attacker can inject malicious code. leading to the execution of arbitrary JavaScript code within the context of the victim's browser. |
5.4 | 2023-07-31 | CVE-2023-38307 | An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the Users and Groups functionality. The vulnerability occurs when an authenticated user adds a new user and inserts an XSS payload into the user's real name. |
6.1 | 2023-07-31 | CVE-2023-38306 | An issue was discovered in Webmin 2.021. A Cross-site Scripting (XSS) Bypass vulnerability was discovered in the file upload functionality. Normally, the application restricts the upload of certain file types such as .svg, .php, etc., and displays an error message if a prohibited file type is detected. However, by following certain steps, an attacker can bypass these restrictions and inject malicious code. |
6.1 | 2023-07-31 | CVE-2023-38305 | An issue was discovered in Webmin 2.021. The download functionality allows an attacker to exploit a Cross-Site Scripting (XSS) vulnerability. By providing a crafted download path containing a malicious payload, an attacker can inject arbitrary code, which is then executed within the context of the victim's browser when the download link is accessed. |
5.4 | 2023-07-31 | CVE-2023-38304 | An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the Users and Groups functionality, allowing an attacker to store a malicious payload in the Group Name field when creating a new group. |
5.4 | 2023-07-31 | CVE-2023-38303 | An issue was discovered in Webmin 2.021. One can exploit a stored Cross-Site Scripting (XSS) attack to achieve Remote Command Execution (RCE) through the Users and Group's real name parameter. |
6.1 | 2022-11-02 | CVE-2022-3844 | A vulnerability, which was classified as problematic, was found in Webmin 2.001. Affected is an unknown function of the file xterm/index.cgi. The manipulation leads to basic cross site scripting. It is possible to launch the attack remotely. Upgrading to version 2.003 is able to address this issue. The patch is identified as d3d33af3c0c3fd3a889c84e287a038b7a457d811. It is recommended to upgrade the affected component. VDB-212862 is the identifier assigned to this vulnerability. |
6.1 | 2022-07-27 | CVE-2022-36880 | The Read Mail module in Webmin 1.995 and Usermin through 1.850 allows XSS via a crafted HTML e-mail message. |
9.8 | 2022-07-25 | CVE-2022-36446 | software/apt-lib.pl in Webmin before 1.997 lacks HTML escaping for a UI command. |
8.8 | 2022-05-15 | CVE-2022-30708 | Webmin through 1.991, when the Authentic theme is used, allows remote code execution when a user has been manually created (i.e., not created in Virtualmin or Cloudmin). This occurs because settings-editor_write.cgi does not properly restrict the file parameter. |
8.8 | 2022-04-11 | CVE-2021-32162 | A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager feature. |
6.1 | 2022-04-11 | CVE-2021-32161 | A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the File Manager feature. |
6.1 | 2022-04-11 | CVE-2021-32160 | A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the Add Users feature. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
67% (42) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
11% (7) | CWE-352 | Cross-Site Request Forgery (CSRF) |
4% (3) | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('O... |
1% (1) | CWE-611 | Information Leak Through XML External Entity File Disclosure |
1% (1) | CWE-285 | Improper Access Control (Authorization) |
1% (1) | CWE-284 | Access Control (Authorization) Issues |
1% (1) | CWE-269 | Improper Privilege Management |
1% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
1% (1) | CWE-116 | Improper Encoding or Escaping of Output |
1% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
1% (1) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
1% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
1% (1) | CWE-20 | Improper Input Validation |
SAINT Exploits
Description | Link |
---|---|
Webmin password_change.cgi backdoor | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
74342 | Webmin useradmin/user-lib.pl chfn Command Full Name Field XSS |
60883 | Webmin / Usermin Unspecified XSS |
60228 | Webmin RPC Module remote_foreign_* Request Remote File Manipulation |
60118 | Webmin Printer Administration Module Printer Name Shell Metacharacter Arbitra... |
59783 | Webmin Default SSL Key Weakness |
41117 | Webmin/Usermin webmin_search.cgi search Parameter XSS |
40772 | Webmin Crafted URL Unspecified Arbitrary Command Execution |
36932 | Webmin pam_login.cgi Multiple Parameter XSS |
33832 | Webmin/Usermin chooser.cgi Crafted Filename XSS |
28338 | Webmin/Usermin NULL Character Unspecified XSS |
28337 | Webmin/Usermin NULL Character Unspecified Source Disclosure |
26772 | Webmin/Usermin simplify_path() Failure Arbitrary File Disclosure |
26771 | Webmin Crafted Backslash Request Traversal Arbitrary File Access |
21222 | Webmin/Usermin miniserv.pl Format String Remote Code Execution |
20873 | Webmin Interface File Display Content XSS |
20872 | Webmin RPM Installation /var/webmin Permission Weakness Information Disclosure |
20238 | Webmin run.cgi Temp File Permission Weakness Arbitrary Command Execution |
19575 | Webmin/Usermin miniserv.pl Metacharacter PAM Authentication Bypass |
15550 | Webmin/Usermin Configuration File Permission/Ownership Modification |
10803 | Webmin/Usermin miniserv.pl Base-64 String Metacharacter Handling Session Spoo... |
10802 | Webmin/Usermin Authentication Information Control Character Bypass |
9776 | Usermin HTML Mail Command Execution |
9775 | Usermin Installation .webmin Symlink Privilege Escalation |
9241 | Webmin/Usermin Authentication Error Page XSS |
8959 | Webmin Directory edit_action.cgi Double Dot Traversal Arbitrary File Access |
OpenVAS Exploits
id | Description |
---|---|
2011-10-20 | Name : Webmin / Usermin Login Cross Site Scripting Vulnerability File : nvt/gb_webmin_login_xss_vuln.nasl |
2011-06-20 | Name : Mandriva Update for webmin MDVSA-2011:109 (webmin) File : nvt/gb_mandriva_MDVSA_2011_109.nasl |
2010-02-15 | Name : Mandriva Update for webmin MDVSA-2010:036 (webmin) File : nvt/gb_mandriva_MDVSA_2010_036.nasl |
2009-05-05 | Name : HP-UX Update for Webmin HPSBUX00250 File : nvt/gb_hp_ux_HPSBUX00250.nasl |
2009-04-09 | Name : Mandriva Update for webmin MDKSA-2007:135 (webmin) File : nvt/gb_mandriva_MDKSA_2007_135.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200707-05 (webmin/usermin) File : nvt/glsa_200707_05.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200608-11 (webmin/usermin) File : nvt/glsa_200608_11.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200512-02 (webmin usermin) File : nvt/glsa_200512_02.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200509-17 (Webmin Usermin) File : nvt/glsa_200509_17.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200409-15 (Usermin) File : nvt/glsa_200409_15.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200406-15 (Usermin) File : nvt/glsa_200406_15.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200406-12 (webmin) File : nvt/glsa_200406_12.nasl |
2008-09-04 | Name : FreeBSD Ports: webmin File : nvt/freebsd_webmin1.nasl |
2008-09-04 | Name : FreeBSD Ports: webmin File : nvt/freebsd_webmin0.nasl |
2008-09-04 | Name : FreeBSD Ports: webmin File : nvt/freebsd_webmin.nasl |
2008-09-04 | Name : FreeBSD Ports: perl File : nvt/freebsd_perl1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 544-1 (webmin) File : nvt/deb_544_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 526-1 (webmin) File : nvt/deb_526_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 319-1 (webmin) File : nvt/deb_319_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1199-1 (webmin) File : nvt/deb_1199_1.nasl |
2005-11-03 | Name : Various dangerous cgi scripts File : nvt/dangerous_cgis.nasl |
Snort® IPS/IDS
Date | Description |
---|---|
2019-10-15 | Webmin password_change command injection attempt RuleID : 51489 - Type : SERVER-WEBAPP - Revision : 1 |
2019-10-15 | Webmin password_change command injection attempt RuleID : 51488 - Type : SERVER-WEBAPP - Revision : 1 |
2019-10-15 | Webmin password_change command injection attempt RuleID : 51487 - Type : SERVER-WEBAPP - Revision : 1 |
2019-10-15 | Webmin password_change command injection attempt RuleID : 51486 - Type : SERVER-WEBAPP - Revision : 1 |
2019-09-26 | Webadmin history parameter cross site scripting attempt RuleID : 51282 - Type : SERVER-WEBAPP - Revision : 1 |
2019-09-26 | Webadmin history parameter cross site scripting attempt RuleID : 51281 - Type : SERVER-WEBAPP - Revision : 1 |
2014-01-10 | Webmin Directory edit_action.cgi access RuleID : 2202-community - Type : SERVER-WEBAPP - Revision : 18 |
2014-01-10 | Webmin Directory edit_action.cgi access RuleID : 2202 - Type : SERVER-WEBAPP - Revision : 18 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2014-09-16 | Name: The remote web server is affected by multiple cross-site scripting vulnerabil... File: webmin_1_690_mult_xss.nasl - Type: ACT_GATHER_INFO |
2014-09-16 | Name: The remote web server is affected by multiple vulnerabilities. File: usermin_1_600_mult.nasl - Type: ACT_GATHER_INFO |
2014-09-16 | Name: The remote web server is affected by an information disclosure vulnerability. File: usermin_1226_info_disclosure.nasl - Type: ACT_ATTACK |
2014-09-16 | Name: The remote web server is affected by an information disclosure flaw. File: usermin_1220_info_disclosure.nasl - Type: ACT_ATTACK |
2011-06-14 | Name: The remote Mandriva Linux host is missing a security update. File: mandriva_MDVSA-2011-109.nasl - Type: ACT_GATHER_INFO |
2010-02-15 | Name: The remote Mandriva Linux host is missing a security update. File: mandriva_MDVSA-2010-036.nasl - Type: ACT_GATHER_INFO |
2009-04-23 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_ae7b7f6505c711d9b45d000c41e2cdad.nasl - Type: ACT_GATHER_INFO |
2007-07-10 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-200707-05.nasl - Type: ACT_GATHER_INFO |
2007-06-27 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2007-135.nasl - Type: ACT_GATHER_INFO |
2007-06-12 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_12b7286f16a211dcb8030016179b2dd5.nasl - Type: ACT_GATHER_INFO |
2007-02-18 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2006-170.nasl - Type: ACT_GATHER_INFO |
2006-12-16 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2006-125.nasl - Type: ACT_GATHER_INFO |
2006-10-25 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-1199.nasl - Type: ACT_GATHER_INFO |
2006-09-02 | Name: The remote web server is affected by an information disclosure vulnerability. File: webmin_1296.nasl - Type: ACT_ATTACK |
2006-08-07 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-200608-11.nasl - Type: ACT_GATHER_INFO |
2006-07-03 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_227475c209cb11db9156000e0c2e438a.nasl - Type: ACT_GATHER_INFO |
2006-06-30 | Name: The remote web server is affected by an information disclosure flaw. File: webmin_1290.nasl - Type: ACT_ATTACK |
2006-05-13 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_bb33981a7ac611dabf7200123f589060.nasl - Type: ACT_GATHER_INFO |
2006-01-15 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2005-176.nasl - Type: ACT_GATHER_INFO |
2006-01-15 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2005-223.nasl - Type: ACT_GATHER_INFO |
2005-12-26 | Name: The remote web server is affected by a format string vulnerability. File: webmin_miniserv_username_format_string.nasl - Type: ACT_DENIAL |
2005-12-15 | Name: The remote Fedora Core host is missing a security update. File: fedora_2005-1145.nasl - Type: ACT_GATHER_INFO |
2005-12-15 | Name: The remote Fedora Core host is missing a security update. File: fedora_2005-1144.nasl - Type: ACT_GATHER_INFO |
2005-12-08 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-200512-02.nasl - Type: ACT_GATHER_INFO |
2005-12-07 | Name: The remote Fedora Core host is missing a security update. File: fedora_2005-1116.nasl - Type: ACT_GATHER_INFO |