Webmin is a web-based interface for system administration of Unix. Using any web browser, you can configure user accounts, Apache, DNS, file sharing, and more.
Webmin versions earlier than 1.600 have a remote command injection vulnerability. Successfully exploiting this vulnerability allows attackers to run arbitrary operating system commands in affected application context.
How to fix
The vendor has released a patch to fix this vulnerability. You can download the patch from http://www.webmin.com/webmin/.