Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Webmin Number Of NVD 88 CRITICAL 6 HIGH 27 MEDIUM 50 LOW 5
URL https://www.webmin.com/
Explanation Webmin is a web-based interface for Unix system administration. Using a modern web browser, you can set up user accounts, Apache, DNS, file sharing, and more. Webmin eliminates the need to manually edit Unix configuration files such as / etc / passwd, and allows you to manage your system from the console or remotely.

Excerpted and translated from [https://www.webmin.com/
Tag
  • BSD License
Add Information URL
No Type Name URL
1 https://www.webmin.com/download.html
2 https://www.webmin.com/changes.html
3 https://www.webmin.com/security.html
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
11 Webmin 2 2.610 Nov. 23, 2025 Aug. 23, 2022 0 0 20 0
12 Webmin 1 1.470, March 14, 2023 Sept. 12, 2002 6 20 32 2
13 Webmin 0 0.990 July 1, 2002 Oct. 5, 1997 2 17 24 4
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
11 6.1
- 		MEDIUM
Network 		A Reflected Cross-site scripting (XSS) vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the replace in results field while rep… CWE-79
Cross-site Scripting 		CVE-2023-41163 cpe:2.3:a:webmin:webmin:2.000:* 2024-11-21 17:20
2023-08-31 		Show GitHub Exploit DB Packet Storm
12 5.4
- 		MEDIUM
Network 		An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the Users and Groups functionality. The vulnerability occurs when an authenticated user ad… CWE-79
Cross-site Scripting 		CVE-2023-38307 cpe:2.3:a:webmin:webmin:2.021:* 2024-11-21 17:13
2023-08-1 		Show GitHub Exploit DB Packet Storm
13 5.4
- 		MEDIUM
Network 		An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the Users and Groups functionality, allowing an attacker to store a malicious payload in t… CWE-79
Cross-site Scripting 		CVE-2023-38304 cpe:2.3:a:webmin:webmin:2.021:* 2024-11-21 17:13
2023-08-1 		Show GitHub Exploit DB Packet Storm
14 5.4
- 		MEDIUM
Network 		An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the System Logs Viewer functionality. The vulnerability allows an attacker to store a mali… CWE-79
Cross-site Scripting 		CVE-2023-38311 cpe:2.3:a:webmin:webmin:2.021:* 2024-11-21 17:13
2023-08-1 		Show GitHub Exploit DB Packet Storm
15 5.4
- 		MEDIUM
Network 		An issue was discovered in Webmin 2.021. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the configuration settings of the system logs functionality. The vulnerability allows an a… CWE-79
Cross-site Scripting 		CVE-2023-38310 cpe:2.3:a:webmin:webmin:2.021:* 2024-11-21 17:13
2023-08-1 		Show GitHub Exploit DB Packet Storm
16 6.1
- 		MEDIUM
Network 		An issue was discovered in Webmin 2.021. A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the package search functionality. The vulnerability allows an attacker to inject a mali… CWE-79
Cross-site Scripting 		CVE-2023-38309 cpe:2.3:a:webmin:webmin:2.021:* 2024-11-21 17:13
2023-08-1 		Show GitHub Exploit DB Packet Storm
17 6.1
- 		MEDIUM
Network 		An issue was discovered in Webmin 2.021. A Cross-Site Scripting (XSS) vulnerability was discovered in the HTTP Tunnel functionality when handling third-party domain URLs. By providing a crafted URL f… CWE-79
Cross-site Scripting 		CVE-2023-38308 cpe:2.3:a:webmin:webmin:2.021:* 2024-11-21 17:13
2023-08-1 		Show GitHub Exploit DB Packet Storm
18 6.1
- 		MEDIUM
Network 		An issue was discovered in Webmin 2.021. A Cross-site Scripting (XSS) Bypass vulnerability was discovered in the file upload functionality. Normally, the application restricts the upload of certain f… CWE-79
Cross-site Scripting 		CVE-2023-38306 cpe:2.3:a:webmin:webmin:2.021:* 2024-11-21 17:13
2023-08-1 		Show GitHub Exploit DB Packet Storm
19 6.1
- 		MEDIUM
Network 		An issue was discovered in Webmin 2.021. The download functionality allows an attacker to exploit a Cross-Site Scripting (XSS) vulnerability. By providing a crafted download path containing a malicio… CWE-79
Cross-site Scripting 		CVE-2023-38305 cpe:2.3:a:webmin:webmin:2.021:* 2024-11-21 17:13
2023-08-1 		Show GitHub Exploit DB Packet Storm
20 5.4
- 		MEDIUM
Network 		An issue was discovered in Webmin 2.021. One can exploit a stored Cross-Site Scripting (XSS) attack to achieve Remote Command Execution (RCE) through the Users and Group's real name parameter. CWE-79
Cross-site Scripting 		CVE-2023-38303 cpe:2.3:a:webmin:webmin:2.021:* 2024-11-21 17:13
2023-08-1 		Show GitHub Exploit DB Packet Storm