CVE-2019-12840

In Webmin through 1.910, any user authorized to the "Package Updates" module can execute arbitrary commands with root privileges via the data parameter to update.cgi.

Date published : 2019-06-15

http://www.securityfocus.com/bid/108790

http://packetstormsecurity.com/files/153372/Webmin-1.910-Remote-Command-Execution.html