Max CVSS | 6.8 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2004-0583 | 5.0 |
The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords.
|
11-07-2017 - 01:30 | 06-08-2004 - 04:00 | |
CVE-2004-0588 | 6.8 |
Cross-site scripting (XSS) vulnerability in the web mail module for Usermin 1.070 allows remote attackers to insert arbitrary HTML and script via e-mail messages. This vulnerability is addressed in the following product update:
Usermin, Usermin, 1.0
|
11-07-2017 - 01:30 | 06-08-2004 - 04:00 |