NotCVE - vendor:"Virtualmin" product:"Virtualmin" version:"6.03"

2 results (0.004 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-18207

https://notcve.org/view.php?id=CVE-2018-18207

10 Oct 2018 — Virtualmin 6.03 allows Frame Injection via the settings-editor_read.cgi file parameter. Virtualmin 6.03 permite la inyección de tramas mediante el parámetro file en settings-editor_read.cgi. • https://0day.today/exploit/description/31282 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-18208

https://notcve.org/view.php?id=CVE-2018-18208

10 Oct 2018 — Virtualmin 6.03 allows XSS via the query string, as demonstrated by the webmin_search.cgi URI. Virtualmin 6.03 permite Cross-Site Scripting (XSS) mediante la cadena query, tal y como queda demostrado con el URI webmin_search.cgi. • https://0day.today/exploit/description/31282 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •