Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Webmin Number Of NVD 87 CRITICAL 6 HIGH 27 MEDIUM 49 LOW 5
URL https://www.webmin.com/
Explanation Webmin is a web-based interface for Unix system administration. Using a modern web browser, you can set up user accounts, Apache, DNS, file sharing, and more. Webmin eliminates the need to manually edit Unix configuration files such as / etc / passwd, and allows you to manage your system from the console or remotely.

Excerpted and translated from [https://www.webmin.com/
Tag
  • BSD License
Add Information URL
No Type Name URL
1 https://www.webmin.com/download.html
2 https://www.webmin.com/changes.html
3 https://www.webmin.com/security.html
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
1 Webmin 2 2.610 Nov. 23, 2025 Aug. 23, 2022 0 0 19 0
2 Webmin 1 1.470, March 14, 2023 Sept. 12, 2002 6 20 31 2
3 Webmin 0 0.990 July 1, 2002 Oct. 5, 1997 2 17 23 4
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
1 5.4
- 		MEDIUM
Network 		Cross-site scripting vulnerability exists in sysinfo.cgi of Webmin versions prior to 1.910. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who … CWE-79
Cross-site Scripting 		CVE-2024-36450 cpe:2.3:a:webmin:webmin:*:* 1.910 2024-11-21 18:22
2024-07-10 		Show GitHub Exploit DB Packet Storm
2 4.8
- 		MEDIUM
Network 		Cross Site Scripting vulnerability (XSS) in webmin v.2.105 and earlier allows a remote attacker to execute arbitrary code via a crafted payload to the "Execute cron job as" tab Input field. CWE-79
Cross-site Scripting 		CVE-2023-52046 cpe:2.3:a:webmin:webmin:*:* 2.105 2024-11-21 17:39
2024-01-26 		Show GitHub Exploit DB Packet Storm
3 4.8
- 		MEDIUM
Network 		There is a stored cross-site scripting (XSS) vulnerability in Webmin 2.002 and below via the Cluster Cron Job tab Input field, which allows attackers to run malicious scripts by injecting a specially… CWE-79
Cross-site Scripting 		CVE-2023-43309 cpe:2.3:a:webmin:webmin:*:* 2.002 2024-11-21 17:23
2023-09-21 		Show GitHub Exploit DB Packet Storm
4 6.1
- 		MEDIUM
Network 		A reflected cross-site scripting (XSS) vulnerability in the File Manager function of Webmin v2.100 allows attackers to execute malicious scripts via injecting a crafted payload into the Find in Resul… CWE-79
Cross-site Scripting 		CVE-2023-40983 cpe:2.3:a:webmin:webmin:2.100:* 2024-11-21 17:20
2023-09-15 		Show GitHub Exploit DB Packet Storm
5 5.4
- 		MEDIUM
Network 		A stored cross-site scripting (XSS) vulnerability in Webmin v2.100 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cloned module name parameter. CWE-79
Cross-site Scripting 		CVE-2023-40982 cpe:2.3:a:webmin:webmin:2.100:* 2024-11-21 17:20
2023-09-15 		Show GitHub Exploit DB Packet Storm
6 5.4
- 		MEDIUM
Network 		A stored cross-site scripting (XSS) vulnerability in the Usermin Configuration function of Webmin v2.100 allows attackers to execute arbitrary web sripts or HTML via a crafted payload injected into t… CWE-79
Cross-site Scripting 		CVE-2023-40986 cpe:2.3:a:webmin:webmin:2.100:* 2024-11-21 17:20
2023-09-15 		Show GitHub Exploit DB Packet Storm
7 5.4
- 		MEDIUM
Network 		An issue was discovered in Webmin 2.100. The File Manager functionality allows an attacker to exploit a Cross-Site Scripting (XSS) vulnerability. By providing a malicious payload, an attacker can inj… CWE-79
Cross-site Scripting 		CVE-2023-40985 cpe:2.3:a:webmin:webmin:2.100:* 2024-11-21 17:20
2023-09-15 		Show GitHub Exploit DB Packet Storm
8 5.4
- 		MEDIUM
Network 		A reflected cross-site scripting (XSS) vulnerability in the File Manager function of Webmin v2.100 allows attackers to execute malicious scripts via injecting a crafted payload into the Replace in Re… CWE-79
Cross-site Scripting 		CVE-2023-40984 cpe:2.3:a:webmin:webmin:2.100:* 2024-11-21 17:20
2023-09-15 		Show GitHub Exploit DB Packet Storm
9 5.4
- 		MEDIUM
Network 		A Stored Cross-Site Scripting (XSS) vulnerability in the mail forwarding and replies tab in Webmin and Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the forward to … CWE-79
Cross-site Scripting 		CVE-2023-41155 cpe:2.3:a:webmin:webmin:2.000:* 2024-11-21 17:20
2023-09-14 		Show GitHub Exploit DB Packet Storm
10 6.1
- 		MEDIUM
Network 		A Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the replace in results field while rep… CWE-79
Cross-site Scripting 		CVE-2023-41163 cpe:2.3:a:webmin:webmin:2.000:* 2024-11-21 17:20
2023-08-31 		Show GitHub Exploit DB Packet Storm