CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2001-1074
https://notcve.org/view.php?id=CVE-2001-1074
28 May 2001 — Webmin 0.84 and earlier does not properly clear the HTTP_AUTHORIZATION environment variable when the web server is restarted, which makes authentication information available to all CGI programs and allows local users to gain privileges. • http://archives.neohapsis.com/archives/bugtraq/2001-05/0262.html •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2001-0222
https://notcve.org/view.php?id=CVE-2001-0222
26 Mar 2001 — webmin 0.84 and earlier allows local users to overwrite and create arbitrary files via a symlink attack. • http://www.calderasystems.com/support/security/advisories/CSSA-2001-004.0.txt •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0CVE-1999-1074
https://notcve.org/view.php?id=CVE-1999-1074
31 Dec 1999 — Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking. • http://www.securityfocus.com/archive/1/9138 •