CVE-2006-4542

CVE-2006-4542 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Webmin before 1.296 and Usermin before 1.226 do not properly handle a URL with a null ("%00") character, which allows remote attackers to conduct cross-site scripting (XSS), read CGI program source code, list directories, and possibly execute programs.

Learn more about our User Device Pen Test.