Lucene search
K

2125 matches found

Vulnrichment
Vulnrichment
added 2025/09/04 10:50 p.m.3 views

CVE-2025-55209 FreePBX UCP is Vulnerable to Stored XSS Through its User Control Panel

contactmanager is a module for FreePBX@, which is an open source GUI that controls and manages Asterisk© PBX. In versions 15.0.14 and below, 16.0.0 through 16.0.26.4 and 17.0.0 through 17.0.5, a stored cross-site scripting XSS vulnerability in FreePBX allows a low-privileged User Control Panel UC...

5.1CVSS5.3AI score0.00323EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/30 6:21 p.m.5 views

CVE-2025-29525

DASAN GPON ONU H660WM OS version H660WMR210825 Hardware version DS-E5-583-A1 was discovered to contain insecure default credentials in the modem's control panel...

5.3CVSS7.3AI score0.0027EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/25 12:0 a.m.2 views

CVE-2025-29525

DASAN GPON ONU H660WM OS version H660WMR210825 Hardware version DS-E5-583-A1 was discovered to contain insecure default credentials in the modem's control panel...

6.8AI score0.0027EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/25 12:0 a.m.9 views

CVE-2025-29525

DASAN GPON ONU H660WM OS version H660WMR210825 Hardware version DS-E5-583-A1 was discovered to contain insecure default credentials in the modem's control panel...

0.0027EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/24 12:13 a.m.5 views

CVE-2025-50858

Reflected Cross-Site Scripting in the List MySQL Databases function in Easy Hosting Control Panel EHCP 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the action parameter...

6.1CVSS6.9AI score0.00224EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/08/23 12:23 a.m.8 views

CVE-2025-50860

SQL Injection in the listdomains function in Easy Hosting Control Panel EHCP 20.04.1.b allows authenticated attackers to access or manipulate database contents via the arananalan POST parameter...

6.5CVSS8.3AI score0.00213EPSS
Exploits2References1
NVD
NVD
added 2025/08/22 7:15 p.m.5 views

CVE-2025-50859

Reflected Cross-Site Scripting in the Change Template function in Easy Hosting Control Panel EHCP 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the template parameter...

6.1CVSS0.00272EPSS
Exploits3References2
NVD
NVD
added 2025/08/22 7:15 p.m.4 views

CVE-2025-50858

Reflected Cross-Site Scripting in the List MySQL Databases function in Easy Hosting Control Panel EHCP 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the action parameter...

6.1CVSS0.00224EPSS
Exploits3References2
OSV
OSV
added 2025/08/22 7:15 p.m.4 views

CVE-2025-50858

Reflected Cross-Site Scripting in the List MySQL Databases function in Easy Hosting Control Panel EHCP 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the action parameter...

6.1CVSS6AI score0.00224EPSS
Exploits3References2
OSV
OSV
added 2025/08/22 7:15 p.m.4 views

CVE-2025-50859

Reflected Cross-Site Scripting in the Change Template function in Easy Hosting Control Panel EHCP 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the template parameter...

6.1CVSS6AI score0.00272EPSS
Exploits3References2
CNNVD
CNNVD
added 2025/08/22 12:0 a.m.2 views

EHCP Easy Hosting Control Panel 安全漏洞

EHCP Easy Hosting Control Panel is an open source web hosting control panel from EHCP. A security vulnerability exists in EHCP Easy Hosting Control Panel version 20.04.1.b. The vulnerability stems from a reflective cross-site scripting vulnerability in the action parameter of the List MySQL...

6.1CVSS6AI score0.00224EPSS
Exploits3References4
CNNVD
CNNVD
added 2025/08/22 12:0 a.m.4 views

EHCP Easy Hosting Control Panel 安全漏洞

EHCP Easy Hosting Control Panel is an open source web hosting control panel from EHCP. A security vulnerability exists in EHCP Easy Hosting Control Panel version 20.04.1.b. The vulnerability stems from a reflected cross-site scripting vulnerability in the template parameter of the Change Template...

6.1CVSS6.1AI score0.00272EPSS
Exploits3References4
Vulnrichment
Vulnrichment
added 2025/08/22 12:0 a.m.2 views

CVE-2025-50859

Reflected Cross-Site Scripting in the Change Template function in Easy Hosting Control Panel EHCP 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the template parameter...

6.8AI score0.00272EPSS
Exploits3References2
Cvelist
Cvelist
added 2025/08/22 12:0 a.m.9 views

CVE-2025-50859

Reflected Cross-Site Scripting in the Change Template function in Easy Hosting Control Panel EHCP 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the template parameter...

0.00272EPSS
Exploits3References2
Cvelist
Cvelist
added 2025/08/22 12:0 a.m.8 views

CVE-2025-50858

Reflected Cross-Site Scripting in the List MySQL Databases function in Easy Hosting Control Panel EHCP 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the action parameter...

0.00224EPSS
Exploits3References2
CVE
CVE
added 2025/08/22 12:0 a.m.20 views

CVE-2025-50859

CVE-2025-50859 affects Easy Hosting Control Panel (EHCP) 20.04.1.b and is a reflected cross-site scripting vulnerability in the Change Template function. An authenticated user can supply a crafted template parameter to trigger arbitrary JavaScript execution, with impact described as partial in so...

6.1CVSS6.8AI score0.00272EPSS
Exploits3References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/08/22 12:0 a.m.5 views

PT-2025-34486 · Unknown · Easy Hosting Control Panel

Name of the Vulnerable Software and Affected Versions: Easy Hosting Control Panel EHCP version 20.04.1.b Description: The Change Template function in Easy Hosting Control Panel EHCP is susceptible to a reflected cross-site scripting issue. Authenticated attackers can execute arbitrary JavaScript...

6.1CVSS7.1AI score0.00272EPSS
Exploits3References6
Positive Technologies
Positive Technologies
added 2025/08/22 12:0 a.m.6 views

PT-2025-34485 · Unknown · Easy Hosting Control Panel

Name of the Vulnerable Software and Affected Versions: Easy Hosting Control Panel EHCP version 20.04.1.b Description: The List MySQL Databases function in Easy Hosting Control Panel EHCP is susceptible to a reflected cross-site scripting issue. Authenticated attackers can potentially execute...

6.1CVSS7.2AI score0.00224EPSS
Exploits3References6
NVD
NVD
added 2025/08/21 3:15 p.m.11 views

CVE-2025-50860

SQL Injection in the listdomains function in Easy Hosting Control Panel EHCP 20.04.1.b allows authenticated attackers to access or manipulate database contents via the arananalan POST parameter...

5.4CVSS0.00213EPSS
Exploits2References2
RedhatCVE
RedhatCVE
added 2025/08/21 12:26 a.m.9 views

CVE-2025-50926

Easy Hosting Control Panel EHCP v20.04.1.b was discovered to contain a SQL injection vulnerability via the id parameter in the List All Email Addresses function...

6.5CVSS8.6AI score0.0024EPSS
Exploits2References1
Rows per page
Query Builder