Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Webmin Number Of NVD 87 CRITICAL 6 HIGH 27 MEDIUM 49 LOW 5
URL https://www.webmin.com/
Explanation Webmin is a web-based interface for Unix system administration. Using a modern web browser, you can set up user accounts, Apache, DNS, file sharing, and more. Webmin eliminates the need to manually edit Unix configuration files such as / etc / passwd, and allows you to manage your system from the console or remotely.

Excerpted and translated from [https://www.webmin.com/
Tag
  • BSD License
Add Information URL
No Type Name URL
1 https://www.webmin.com/download.html
2 https://www.webmin.com/changes.html
3 https://www.webmin.com/security.html
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
81 Webmin 2 2.610 Nov. 23, 2025 Aug. 23, 2022 0 0 19 0
82 Webmin 1 1.470, March 14, 2023 Sept. 12, 2002 6 20 31 2
83 Webmin 0 0.990 July 1, 2002 Oct. 5, 1997 2 17 23 4
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
81 -
7.5 		HIGH Cross-site scripting vulnerability in the authentication page for (1) Webmin 0.96 and (2) Usermin 0.90 allows remote attackers to insert script into an error page and possibly steal cookies. NVD-CWE-Other
CVE-2002-0756 cpe:2.3:a:webmin:webmin:0.96:*
cpe:2.3:a:webmin:webmin:0.95:*
cpe:2.3:a:webmin:webmin:0.94:*
cpe:2.3:a:webmin:… 		2008-09-6 05:28
2002-08-12 		Show GitHub Exploit DB Packet Storm
82 -
7.5 		HIGH (1) Webmin 0.96 and (2) Usermin 0.90 with password timeouts enabled allow local and possibly remote attackers to bypass authentication and gain privileges via certain control characters in the authen… NVD-CWE-Other
CVE-2002-0757 cpe:2.3:a:webmin:webmin:0.96:*
cpe:2.3:a:webmin:webmin:0.95:*
cpe:2.3:a:webmin:webmin:0.94:*
cpe:2.3:a:webmin:… 		2008-09-6 05:28
2002-08-12 		Show GitHub Exploit DB Packet Storm
83 -
4.6 		MEDIUM run.cgi in Webmin 0.80 and 0.88 creates temporary files with world-writable permissions, which allows local users to execute arbitrary commands. NVD-CWE-Other
CVE-2001-1530 cpe:2.3:a:webmin:webmin:0.88:*
cpe:2.3:a:webmin:webmin:0.80:* 		2008-09-6 05:26
2001-12-31 		Show GitHub Exploit DB Packet Storm
84 -
10.0 		HIGH Directory traversal vulnerability in edit_action.cgi of Webmin Directory 0.91 allows attackers to gain privileges via a '..' (dot dot) in the argument. NVD-CWE-Other
CVE-2001-1196 cpe:2.3:a:webmin:webmin:0.91:* 2016-10-18 11:14
2001-12-17 		Show GitHub Exploit DB Packet Storm
85 -
7.2 		HIGH Webmin 0.84 and earlier does not properly clear the HTTP_AUTHORIZATION environment variable when the web server is restarted, which makes authentication information available to all CGI programs and … NVD-CWE-Other
CVE-2001-1074 cpe:2.3:a:webmin:webmin:0.84:*
cpe:2.3:a:webmin:webmin:0.83:*
cpe:2.3:a:webmin:webmin:0.80:*
cpe:2.3:a:webmin:… 		2017-10-10 10:29
2001-05-28 		Show GitHub Exploit DB Packet Storm
86 -
1.2 		LOW webmin 0.84 and earlier allows local users to overwrite and create arbitrary files via a symlink attack. NVD-CWE-Other
CVE-2001-0222 cpe:2.3:a:webmin:webmin:0.83:* 2017-10-10 10:29
2001-03-26 		Show GitHub Exploit DB Packet Storm
87 -
7.5 		HIGH Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking. NVD-CWE-Other
CVE-1999-1074 cpe:2.3:a:webmin:webmin:0.4:*
cpe:2.3:a:webmin:webmin:0.42:*
cpe:2.3:a:webmin:webmin:0.41:*
cpe:2.3:a:webmin:w… 		2008-09-9 21:36
1999-12-31 		Show GitHub Exploit DB Packet Storm