CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-32159
https://notcve.org/view.php?id=CVE-2021-32159
A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Upload and Download feature. Se presenta una vulnerabilidad de tipo Cross-site request forgery (CSRF) en Webmin versión 1.973, por medio de la funcionalidad Upload and Download • https://github.com/Mesh3l911/CVE-2021-32159 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-32158
https://notcve.org/view.php?id=CVE-2021-32158
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Upload and Download feature. Se presenta una vulnerabilidad de tipo Cross-Site Scripting (XSS) en Webmin 1.973 por medio de la funcionalidad Upload and Download • https://github.com/Mesh3l911/CVE-2021-32158 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 2CVE-2021-32157
https://notcve.org/view.php?id=CVE-2021-32157
A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature. Se presenta una vulnerabilidad de tipo Cross-Site Scripting (XSS) en Webmin versión 1.973, por medio de la funcionalidad Scheduled Cron Jobs • https://github.com/Mesh3l911/CVE-2021-32157 https://github.com/dnr6419/CVE-2021-32157 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-32156
https://notcve.org/view.php?id=CVE-2021-32156
A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature. Se presenta una vulnerabilidad de tipo cross-site request forgery (CSRF) en Webmin versión 1.973, por medio de la funcionalidad Scheduled Cron Jobs • https://github.com/Mesh3l911/CVE-2021-32156 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 2CVE-2022-0829 – Improper Authorization in webmin/webmin
https://notcve.org/view.php?id=CVE-2022-0829
Improper Authorization in GitHub repository webmin/webmin prior to 1.990. Una Autorización Inapropiada en el repositorio de GitHub webmin/webmin versiones anteriores a 1.990 • https://github.com/webmin/webmin/commit/eeeea3c097f5cc473770119f7ac61f1dcfa671b9 https://huntr.dev/bounties/f2d0389f-d7d1-4f34-9f9d-268b0a0da05e https://notes.netbytesec.com/2022/03/webmin-broken-access-control-to-post-auth-rce.html • CWE-285: Improper Authorization CWE-863: Incorrect Authorization •