CVSS: 8.8EPSS: 6%CPEs: 1EXPL: 1CVE-2021-32162
https://notcve.org/view.php?id=CVE-2021-32162
11 Apr 2022 — A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager feature. Se presenta una vulnerabilidad de tipo Cross-site request forgery (CSRF) en Webmin versión 1.973, mediante la funcionalidad File Manager • https://github.com/Mesh3l911/CVE-2021-32162 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 3%CPEs: 1EXPL: 1CVE-2021-32161
https://notcve.org/view.php?id=CVE-2021-32161
11 Apr 2022 — A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the File Manager feature. Se presenta una vulnerabilidad de tipo Cross-Site Scripting (XSS) en Webmin versión 1.973 mediante la función File Manager • https://github.com/Mesh3l911/CVE-2021-32161 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 2%CPEs: 1EXPL: 1CVE-2021-32160
https://notcve.org/view.php?id=CVE-2021-32160
11 Apr 2022 — A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the Add Users feature. Se presenta una vulnerabilidad de tipo Cross-Site Scripting (XSS) en Webmin versión 1.973, mediante la funcionalidad Add Users • https://github.com/Mesh3l911/CVE-2021-32160 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 5%CPEs: 1EXPL: 1CVE-2021-32159
https://notcve.org/view.php?id=CVE-2021-32159
11 Apr 2022 — A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Upload and Download feature. Se presenta una vulnerabilidad de tipo Cross-site request forgery (CSRF) en Webmin versión 1.973, por medio de la funcionalidad Upload and Download • https://github.com/Mesh3l911/CVE-2021-32159 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 2%CPEs: 1EXPL: 1CVE-2021-32158
https://notcve.org/view.php?id=CVE-2021-32158
11 Apr 2022 — A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Upload and Download feature. Se presenta una vulnerabilidad de tipo Cross-Site Scripting (XSS) en Webmin 1.973 por medio de la funcionalidad Upload and Download • https://github.com/Mesh3l911/CVE-2021-32158 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.6EPSS: 11%CPEs: 1EXPL: 2CVE-2021-32157
https://notcve.org/view.php?id=CVE-2021-32157
11 Apr 2022 — A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature. Se presenta una vulnerabilidad de tipo Cross-Site Scripting (XSS) en Webmin versión 1.973, por medio de la funcionalidad Scheduled Cron Jobs • https://github.com/Mesh3l911/CVE-2021-32157 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 5%CPEs: 1EXPL: 1CVE-2021-32156
https://notcve.org/view.php?id=CVE-2021-32156
11 Apr 2022 — A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature. Se presenta una vulnerabilidad de tipo cross-site request forgery (CSRF) en Webmin versión 1.973, por medio de la funcionalidad Scheduled Cron Jobs • https://github.com/Mesh3l911/CVE-2021-32156 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 2CVE-2022-0829 – Improper Authorization in webmin/webmin
https://notcve.org/view.php?id=CVE-2022-0829
02 Mar 2022 — Improper Authorization in GitHub repository webmin/webmin prior to 1.990. Una Autorización Inapropiada en el repositorio de GitHub webmin/webmin versiones anteriores a 1.990 • https://github.com/webmin/webmin/commit/eeeea3c097f5cc473770119f7ac61f1dcfa671b9 • CWE-285: Improper Authorization CWE-863: Incorrect Authorization •
CVSS: 9.0EPSS: 93%CPEs: 1EXPL: 11CVE-2022-0824 – Improper Access Control to Remote Code Execution in webmin/webmin
https://notcve.org/view.php?id=CVE-2022-0824
02 Mar 2022 — Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990. Un Control de Acceso Inapropiado para una Ejecución de Código Remota en el repositorio de GitHub webmin/webmin versiones anteriores a 1.990 • https://packetstorm.news/files/id/166240 • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 20%CPEs: 1EXPL: 6CVE-2021-31762 – Webmin 1.973 - 'save_user.cgi' Cross-Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2021-31762
25 Apr 2021 — Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privileged user through Webmin's add users feature, and then get a reverse shell through Webmin's running process feature. Webmin versión 1.973, esta afectado por una vulnerabilidad de tipo Cross Site Request Forgery (CSRF) para crear un usuario privilegiado mediante la funcionalidad Webmin's add users, y luego obtener un shell inverso mediante la funcionalidad Webmin's running process Webmin version 1.973 suffers from a cross site re... • https://packetstorm.news/files/id/163492 • CWE-352: Cross-Site Request Forgery (CSRF) •