electronicbots

3 exploits Active since Apr 2021
CVE-2021-31762 NOMISEC HIGH WORKING POC
Webmin 1.973 - Cross-Site Request Forgery via User Addition Feature
Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privileged user through Webmin's add users feature, and then get a reverse shell through Webmin's running process feature.
8 stars
CVSS 8.8
CVE-2021-31761 NOMISEC CRITICAL WORKING POC
Webmin 1.973 - Reflected Cross-Site Scripting to Remote Command Execution via Running Process Feature
Webmin 1.973 is affected by reflected Cross Site Scripting (XSS) to achieve Remote Command Execution through Webmin's running process feature.
4 stars
CVSS 9.6
CVE-2021-31760 NOMISEC HIGH WORKING POC
Webmin 1.973 - Cross-Site Request Forgery to Remote Command Execution via Running Process Feature
Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to achieve Remote Command Execution (RCE) through Webmin's running process feature.
2 stars
CVSS 8.8