CVE-2007-1276: CSRF
First published: Mon Mar 05 2007(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in chooser.cgi in Webmin before 1.330 and Usermin before 1.260 allow remote attackers to inject arbitrary web script or HTML via a crafted filename.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Webmin Webmin | =1.2.50 | |
| Usermin Usermin | =1.070 | |
| Webmin Webmin | =1.0.20 | |
| Webmin Webmin | =1.0.51 | |
| Webmin Webmin | =1.0.10 | |
| Usermin Usermin | =1.040 | |
| Usermin Usermin | =1.250 | |
| Usermin Usermin | =1.060 | |
| Webmin Webmin | =1.1.50 | |
| Webmin Webmin | =1.0.60 | |
| Usermin Usermin | =1.080 | |
| Usermin Usermin | =1.100 | |
| Webmin Webmin | =1.1.00 | |
| Usermin Usermin | =1.210 | |
| Webmin Webmin | =1.1.30 | |
| Webmin Webmin | =1.1.21 | |
| Webmin Webmin | =1.0.00 | |
| Webmin Webmin | =1.0.90 | |
| Webmin Webmin | =1.3.20 | |
| Usermin Usermin | =1.010 | |
| Usermin Usermin | =1.130 | |
| Usermin Usermin | =1.150 | |
| Webmin Webmin | =1.2.30 | |
| Usermin Usermin | =1.140 | |
| Usermin Usermin | =1.220 | |
| Webmin Webmin | =1.0.30 | |
| Webmin Webmin | =1.2.20 | |
| Webmin Webmin | =1.1.40 | |
| Webmin Webmin | =1.1.20 | |
| Usermin Usermin | =1.090 | |
| Usermin Usermin | =1.020 | |
| Usermin Usermin | =1.051 | |
| Usermin Usermin | =1.000 | |
| Usermin Usermin | =1.030 | |
| Webmin Webmin | =1.0.70 | |
| Usermin Usermin | =1.110 | |
| Usermin Usermin | =1.240 | |
| Webmin Webmin | =1.0.50 | |
| Webmin Webmin | =1.0.40 | |
| Webmin Webmin | =1.0.80 | |
| Usermin Usermin | =1.120 | |
| Usermin Usermin | =1.230 | |
| Webmin Webmin | =1.1.10 | |
| Webmin Webmin | =1.2.40 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/weakness
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/webmin
- canonical/webmin webmin
- version/webmin webmin/1.2.50
- vendor/usermin
- canonical/usermin usermin
- version/usermin usermin/1.070
- version/webmin webmin/1.0.20
- version/webmin webmin/1.0.51
- version/webmin webmin/1.0.10
- version/usermin usermin/1.040
- version/usermin usermin/1.250
- version/usermin usermin/1.060
- version/webmin webmin/1.1.50
- version/webmin webmin/1.0.60
- version/usermin usermin/1.080
- version/usermin usermin/1.100
- version/webmin webmin/1.1.00
- version/usermin usermin/1.210
- version/webmin webmin/1.1.30
- version/webmin webmin/1.1.21
- version/webmin webmin/1.0.00
- version/webmin webmin/1.0.90
- version/webmin webmin/1.3.20
- version/usermin usermin/1.010
- version/usermin usermin/1.130
- version/usermin usermin/1.150
- version/webmin webmin/1.2.30
- version/usermin usermin/1.140
- version/usermin usermin/1.220
- version/webmin webmin/1.0.30
- version/webmin webmin/1.2.20
- version/webmin webmin/1.1.40
- version/webmin webmin/1.1.20
- version/usermin usermin/1.090
- version/usermin usermin/1.020
- version/usermin usermin/1.051
- version/usermin usermin/1.000
- version/usermin usermin/1.030
- version/webmin webmin/1.0.70
- version/usermin usermin/1.110
- version/usermin usermin/1.240
- version/webmin webmin/1.0.50
- version/webmin webmin/1.0.40
- version/webmin webmin/1.0.80
- version/usermin usermin/1.120
- version/usermin usermin/1.230
- version/webmin webmin/1.1.10
- version/webmin webmin/1.2.40