Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Webmin
(Webmin)| Repositories | https://github.com/webmin/webmin |
| #Vulnerabilities | 88 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2002-08-12 | CVE-2002-0756 | Cross-site scripting vulnerability in the authentication page for (1) Webmin 0.96 and (2) Usermin 0.90 allows remote attackers to insert script into an error page and possibly steal cookies. | Usermin, Webmin | N/A | ||
| 2001-12-31 | CVE-2001-1530 | run.cgi in Webmin 0.80 and 0.88 creates temporary files with world-writable permissions, which allows local users to execute arbitrary commands. | Webmin | N/A | ||
| 2001-12-17 | CVE-2001-1196 | Directory traversal vulnerability in edit_action.cgi of Webmin Directory 0.91 allows attackers to gain privileges via a '..' (dot dot) in the argument. | Webmin | N/A | ||
| 2001-05-28 | CVE-2001-1074 | Webmin 0.84 and earlier does not properly clear the HTTP_AUTHORIZATION environment variable when the web server is restarted, which makes authentication information available to all CGI programs and allows local users to gain privileges. | Webmin | N/A | ||
| 2001-03-26 | CVE-2001-0222 | webmin 0.84 and earlier allows local users to overwrite and create arbitrary files via a symlink attack. | Webmin | N/A | ||
| 1999-12-31 | CVE-1999-1074 | Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking. | Webmin | N/A |