RSS   Vulnerabilities for 'Usermin'   RSS

2022-07-27
 
CVE-2022-36880

CWE-79
 
 
The Read Mail module in Webmin 1.995 and Usermin through 1.850 allows XSS via a crafted HTML e-mail message.

 
2017-04-12
 
CVE-2016-4897

 
 
Multiple cross-site scripting (XSS) vulnerabilities in (1) filter/save_forward.cgi, (2) filter/save.cgi, (3) /man/search.cgi in Usermin before 1.690.

 
2014-07-20
 
CVE-2014-3884

CWE-79
 
 
Cross-site scripting (XSS) vulnerability in Usermin before 1.600 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2014-3924.

 
2014-06-21
 
CVE-2014-3883

CWE-78
 
 
Usermin before 1.600 allows remote attackers to execute arbitrary operating-system commands via unspecified vectors related to a user action.

 
2010-01-05
 
CVE-2009-4568

CWE-79
 
 
Cross-site scripting (XSS) vulnerability in Webmin before 1.500 and Usermin before 1.430 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

 
2008-02-11
 
CVE-2008-0720

CWE-79
 
 
Cross-site scripting (XSS) vulnerability in Webmin 1.370 and 1.390 and Usermin 1.300 and 1.320 allows remote attackers to inject arbitrary web script or HTML via the search parameter to webmin_search.cgi (aka the search section), and possibly other components accessed through a "search box" or "open file box." NOTE: some of these details are obtained from third party information.

 
2007-06-11
 
CVE-2007-3156

CWE-79
 
 
Multiple cross-site scripting (XSS) vulnerabilities in pam_login.cgi in Webmin before 1.350 and Usermin before 1.280 allow remote attackers to inject arbitrary web script or HTML via the (1) cid, (2) message, or (3) question parameter. NOTE: some of these details are obtained from third party information.

 

 >>> Vendor: Webmin 3 Products
Webmin
Usermin
Userwin

Copyright 2024, cxsecurity.com

 

Back to Top