Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Webmin Number Of NVD 87 CRITICAL 6 HIGH 27 MEDIUM 49 LOW 5
URL https://www.webmin.com/
Explanation Webmin is a web-based interface for Unix system administration. Using a modern web browser, you can set up user accounts, Apache, DNS, file sharing, and more. Webmin eliminates the need to manually edit Unix configuration files such as / etc / passwd, and allows you to manage your system from the console or remotely.

Excerpted and translated from [https://www.webmin.com/
Tag
  • BSD License
Add Information URL
No Type Name URL
1 https://www.webmin.com/download.html
2 https://www.webmin.com/changes.html
3 https://www.webmin.com/security.html
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
11 Webmin 2 2.610 Nov. 23, 2025 Aug. 23, 2022 0 0 19 0
12 Webmin 1 1.470, March 14, 2023 Sept. 12, 2002 6 20 31 2
13 Webmin 0 0.990 July 1, 2002 Oct. 5, 1997 2 17 23 4
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
11 5.4
- 		MEDIUM
Network 		An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the Users and Groups functionality. The vulnerability occurs when an authenticated user ad… CWE-79
Cross-site Scripting 		CVE-2023-38307 cpe:2.3:a:webmin:webmin:2.021:* 2024-11-21 17:13
2023-08-1 		Show GitHub Exploit DB Packet Storm
12 5.4
- 		MEDIUM
Network 		An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the Users and Groups functionality, allowing an attacker to store a malicious payload in t… CWE-79
Cross-site Scripting 		CVE-2023-38304 cpe:2.3:a:webmin:webmin:2.021:* 2024-11-21 17:13
2023-08-1 		Show GitHub Exploit DB Packet Storm
13 5.4
- 		MEDIUM
Network 		An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the System Logs Viewer functionality. The vulnerability allows an attacker to store a mali… CWE-79
Cross-site Scripting 		CVE-2023-38311 cpe:2.3:a:webmin:webmin:2.021:* 2024-11-21 17:13
2023-08-1 		Show GitHub Exploit DB Packet Storm
14 5.4
- 		MEDIUM
Network 		An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the configuration settings of the system logs functionality. The vulnerability allows an a… CWE-79
Cross-site Scripting 		CVE-2023-38310 cpe:2.3:a:webmin:webmin:2.021:* 2024-11-21 17:13
2023-08-1 		Show GitHub Exploit DB Packet Storm
15 6.1
- 		MEDIUM
Network 		An issue was discovered in Webmin 2.021. A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the package search functionality. The vulnerability allows an attacker to inject a mali… CWE-79
Cross-site Scripting 		CVE-2023-38309 cpe:2.3:a:webmin:webmin:2.021:* 2024-11-21 17:13
2023-08-1 		Show GitHub Exploit DB Packet Storm
16 6.1
- 		MEDIUM
Network 		An issue was discovered in Webmin 2.021. A Cross-Site Scripting (XSS) vulnerability was discovered in the HTTP Tunnel functionality when handling third-party domain URLs. By providing a crafted URL f… CWE-79
Cross-site Scripting 		CVE-2023-38308 cpe:2.3:a:webmin:webmin:2.021:* 2024-11-21 17:13
2023-08-1 		Show GitHub Exploit DB Packet Storm
17 6.1
- 		MEDIUM
Network 		An issue was discovered in Webmin 2.021. A Cross-site Scripting (XSS) Bypass vulnerability was discovered in the file upload functionality. Normally, the application restricts the upload of certain f… CWE-79
Cross-site Scripting 		CVE-2023-38306 cpe:2.3:a:webmin:webmin:2.021:* 2024-11-21 17:13
2023-08-1 		Show GitHub Exploit DB Packet Storm
18 6.1
- 		MEDIUM
Network 		An issue was discovered in Webmin 2.021. The download functionality allows an attacker to exploit a Cross-Site Scripting (XSS) vulnerability. By providing a crafted download path containing a malicio… CWE-79
Cross-site Scripting 		CVE-2023-38305 cpe:2.3:a:webmin:webmin:2.021:* 2024-11-21 17:13
2023-08-1 		Show GitHub Exploit DB Packet Storm
19 5.4
- 		MEDIUM
Network 		An issue was discovered in Webmin 2.021. One can exploit a stored Cross-Site Scripting (XSS) attack to achieve Remote Command Execution (RCE) through the Users and Group's real name parameter. CWE-79
Cross-site Scripting 		CVE-2023-38303 cpe:2.3:a:webmin:webmin:2.021:* 2024-11-21 17:13
2023-08-1 		Show GitHub Exploit DB Packet Storm
20 6.1
- 		MEDIUM
Network 		A vulnerability, which was classified as problematic, was found in Webmin 2.001. Affected is an unknown function of the file xterm/index.cgi. The manipulation leads to basic cross site scripting. It … CWE-79
Cross-site Scripting 		CVE-2022-3844 cpe:2.3:a:webmin:webmin:2.001:* 2024-11-21 16:20
2022-11-3 		Show GitHub Exploit DB Packet Storm