cbcvebase.
CVE-2002-1673
published 2002-12-31

CVE-2002-1673: The web interface for Webmin 0.92 does not properly quote or filter script code in files that are displayed to the interface, which allows local users to…

PriorityP411low3.6CVSS 2.0
AVLACLAuNCPIPAN
EXPLOIT
EPSS
0.79%
51.6th percentile
The web interface for Webmin 0.92 does not properly quote or filter script code in files that are displayed to the interface, which allows local users to execute script and possibly steal cookies by inserting the script into certain files or fields, such as a real user name entry in the passwd file.

Affected

25 ranges
VendorProductVersion rangeFixed in
webminwebmin
webminwebmin
webminwebmin
webminwebmin
webminwebmin
webminwebmin
webminwebmin
webminwebmin
webminwebmin
webminwebmin
webminwebmin
webminwebmin
webminwebmin
webminwebmin
webminwebmin
webminwebmin
webminwebmin
webminwebmin
webminwebmin
webminwebmin
webminwebmin
webminwebmin
webminwebmin
webminwebmin
webminwebmin
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.