Software Detail

Software Informaton Top

System Management Tool

Software Detail

Webmin

Number Of NVD

CRITICAL

HIGH

MEDIUM

LOW

URL	https://www.webmin.com/
Explanation	Webmin is a web-based interface for Unix system administration. Using a modern web browser, you can set up user accounts, Apache, DNS, file sharing, and more. Webmin eliminates the need to manually edit Unix configuration files such as / etc / passwd, and allows you to manage your system from the console or remotely. Excerpted and translated from [https://www.webmin.com/
Tag	BSD License

Add Information URL

No	Type	Name	URL
1			https://www.webmin.com/download.html
2			https://www.webmin.com/changes.html
3			https://www.webmin.com/security.html

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Critical	High	Medium	Low
21	Webmin 2	2.610	Nov. 23, 2025	Aug. 23, 2022	0	0	19	0
22	Webmin 1	1.470,	March 14, 2023	Sept. 12, 2002	6	20	31	2
23	Webmin 0	0.990	July 1, 2002	Oct. 5, 1997	2	17	23	4

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	or less	less than	Update date Published date	Show Affected	Exploit PoC Search
21	6.1 4.3	MEDIUM Network	The Read Mail module in Webmin 1.995 and Usermin through 1.850 allows XSS via a crafted HTML e-mail message.	CWE-79 Cross-site Scripting	CVE-2022-36880	cpe:2.3:a:webmin:webmin:1.995:*			2024-11-21 16:13 2022-07-27	Show	GitHub Exploit DB Packet Storm

22	9.8 -	CRITICAL Network	software/apt-lib.pl in Webmin before 1.997 lacks HTML escaping for a UI command.	CWE-116 Improper Encoding or Escaping of Output	CVE-2022-36446	cpe:2.3:a:webmin:webmin::		1.997	2024-11-21 16:13 2022-07-25	Show	GitHub Exploit DB Packet Storm

23	8.8 6.5	HIGH Network	Webmin through 1.991, when the Authentic theme is used, allows remote code execution when a user has been manually created (i.e., not created in Virtualmin or Cloudmin). This occurs because settings-…	NVD-CWE-noinfo	CVE-2022-30708	cpe:2.3:a:webmin:webmin::	1.991		2024-11-21 16:03 2022-05-15	Show	GitHub Exploit DB Packet Storm

24	8.8 6.8	HIGH Network	A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager feature.	CWE-352 Origin Validation Error	CVE-2021-32162	cpe:2.3:a:webmin:webmin:1.973:*			2024-11-21 15:06 2022-04-11	Show	GitHub Exploit DB Packet Storm

25	6.1 4.3	MEDIUM Network	A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the File Manager feature.	CWE-79 Cross-site Scripting	CVE-2021-32161	cpe:2.3:a:webmin:webmin:1.973:*			2024-11-21 15:06 2022-04-11	Show	GitHub Exploit DB Packet Storm

26	6.1 4.3	MEDIUM Network	A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the Add Users feature.	CWE-79 Cross-site Scripting	CVE-2021-32160	cpe:2.3:a:webmin:webmin:1.973:*			2024-11-21 15:06 2022-04-11	Show	GitHub Exploit DB Packet Storm

27	8.8 6.8	HIGH Network	A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Upload and Download feature.	CWE-352 Origin Validation Error	CVE-2021-32159	cpe:2.3:a:webmin:webmin:1.973:*			2024-11-21 15:06 2022-04-11	Show	GitHub Exploit DB Packet Storm

28	6.1 4.3	MEDIUM Network	A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Upload and Download feature.	CWE-79 Cross-site Scripting	CVE-2021-32158	cpe:2.3:a:webmin:webmin:1.973:*			2024-11-21 15:06 2022-04-11	Show	GitHub Exploit DB Packet Storm

29	9.6 6.8	CRITICAL Network	A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature.	CWE-79 Cross-site Scripting	CVE-2021-32157	cpe:2.3:a:webmin:webmin:1.973:*			2024-11-21 15:06 2022-04-11	Show	GitHub Exploit DB Packet Storm

30	8.8 6.8	HIGH Network	A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature.	CWE-352 Origin Validation Error	CVE-2021-32156	cpe:2.3:a:webmin:webmin:1.973:*			2024-11-21 15:06 2022-04-11	Show	GitHub Exploit DB Packet Storm