Exposição de Webmin
Miscellaneous12
score de exposição
3
sites usam
0
em exploração
3
críticos
CVEs
14 resultadosCVE-2024-12828CRITICALWebmin CGI Command Injection Remote Code Execution VulnerabilityEPSS 32.0%CVE-2017-2106—Multiple cross-site scripting vulnerabilities in Webmin versions prior to 1.830 allows remote attackers to inject arbitrary web script or HTEPSS 1.7%CVE-2022-3844LOWWebmin index.cgi cross site scriptingEPSS 0.6%CVE-2024-36451HIGHImproper handling of insufficient permissions or privileges vulnerability exists in ajaxterm module of Webmin prior to 2.003. If this vulnerEPSS 0.6%CVE-2024-36453MEDIUMCross-site scripting vulnerability exists in session_login.cgi of Webmin versions prior to 1.970 and Usermin versions prior to 1.820. If thiEPSS 0.4%CVE-2026-56022MEDIUMWebmin MFA bypassEPSS 0.3%CVE-2025-67738HIGHsquid/cachemgr.cgi in Webmin before 2.600 does not properly quote arguments. This is relevant if Webmin's Squid module and its Cache ManagerEPSS 0.3%CVE-2026-49103CRITICALWebmin before 2.640 does not safely construct a filename for saving of an attachment within the mailboxes component. This occurs in mailboxeEPSS 0.3%CVE-2024-36450MEDIUMCross-site scripting vulnerability exists in sysinfo.cgi of Webmin versions prior to 1.910. If this vulnerability is exploited, an arbitraryEPSS 0.3%CVE-2026-56020CRITICALWebmin HTTP header authentication bypassEPSS 0.3%CVE-2026-56021MEDIUMWebmin information disclosure via regex patternEPSS 0.3%CVE-2024-36452LOWCross-site request forgery vulnerability exists in ajaxterm module of Webmin versions prior to 2.003. If this vulnerability is exploited, unEPSS 0.2%CVE-2026-22678MEDIUMWebmin < 2.641 Stored XSS via System and Server StatusEPSS 0.2%CVE-2026-49102MEDIUMWebmin before 2.640 allows mailboxes/detach.cgi XSS via an SVG document attachment that is viewed in the mailboxes component, because image/EPSS 0.2%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →