Lucene search
K

2125 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:52 p.m.10 views

CVE-2020-10787

An elevation of privilege in Vesta Control Panel through 0.9.8-26 allows an attacker to gain root system access from the admin account via v-change-user-password aka the user password change script...

9CVSS7.4AI score0.02502EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:34 p.m.5 views

CVE-2020-36064

Online Course Registration v1.0 was discovered to contain hardcoded credentials in the source code which allows attackers access to the control panel if compromised...

9.8CVSS7.6AI score0.01451EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:22 p.m.12 views

CVE-2020-25124

The Admin CP in vBulletin 5.6.3 allows XSS via an admincp/attachment.php=rebuild= URI...

4.8CVSS5.8AI score0.00553EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:20 p.m.8 views

CVE-2020-25119

The Admin CP in vBulletin 5.6.3 allows XSS via a Title of a Child Help Item in the Login/Logoff part of the User Manual...

4.8CVSS5.8AI score0.00663EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:12 p.m.7 views

CVE-2020-13150

D-link DSL-2750U ISL2750UEME3.V1E devices allow approximately 90 seconds of access to the control panel, after a restart, before MAC address filtering rules become active...

7.8CVSS7AI score0.00281EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 12:11 p.m.7 views

CVE-2012-2325

SQL injection vulnerability in the User Inline Moderation feature in the Admin Control Panel ACP in MyBB aka MyBulletinBoard before 1.6.7 allows remote administrators to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.8AI score0.01047EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:35 a.m.6 views

CVE-2019-16993

In phpBB before 3.1.7-PL1, includes/acp/acpbbcodes.php has improper verification of a CSRF token on the BBCode page in the Administration Control Panel. An actual CSRF attack is possible if an attacker also manages to retrieve the session id of a reauthenticated administrator prior to targeting...

8.8CVSS6.7AI score0.00804EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:29 a.m.7 views

CVE-2019-5694

NVIDIA Windows GPU Display Driver, R390 driver version, contains a vulnerability in NVIDIA Control Panel in which it incorrectly loads Windows system DLLs without validating the path or signature also known as a binary planting or DLL preloading attack, which may lead to denial of service or...

6.5CVSS7AI score0.00573EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:24 a.m.7 views

CVE-2019-9859

Vesta Control Panel VestaCP 0.9.7 through 0.9.8-23 is vulnerable to an authenticated command execution that can result in remote root access on the server. The platform works with PHP as the frontend language and uses shell scripts to execute system actions. PHP executes shell script through the...

9CVSS7.3AI score0.03EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:22 a.m.7 views

CVE-2019-18873

FUDForum 3.0.9 is vulnerable to Stored XSS via the User-Agent HTTP header. This may result in remote code execution. An attacker can use a user account to fully compromise the system via a GET request. When the admin visits user information under "User Manager" in the control panel, the payload...

9CVSS6.6AI score0.08154EPSS
Exploits6References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:33 a.m.5 views

CVE-2019-15571

The WEB control panel before 2019-04-30 for ClonOS allows SQL injection in clonos.php...

9.8CVSS8.1AI score0.01371EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:30 a.m.13 views

CVE-2019-12791

A directory traversal vulnerability in the v-list-user script in Vesta Control Panel 0.9.8-24 allows remote attackers to escalate from regular registered users to root via the password reset form...

9CVSS7.4AI score0.06497EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:27 a.m.7 views

CVE-2019-13525

In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data, which can be accessed without authentication over the network...

5.3CVSS7.3AI score0.0125EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:57 a.m.4 views

CVE-2017-8899

Invision Power Services IPS Community Suite 4.1.19.2 and earlier has a composite of Stored XSS and Information Disclosure issues in the attachments feature found in User CP. This can be triggered by any Invision Power Board user and can be used to gain access to moderator/admin accounts. The...

8.1CVSS7.7AI score0.0148EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:33 a.m.8 views

CVE-2012-2326

Cross-site scripting XSS vulnerability in the Admin Control Panel ACP in MyBB aka MyBulletinBoard before 1.6.7 allows remote administrators to inject arbitrary web script or HTML via a malformed file name in an orphaned attachment...

4.3CVSS5.8AI score0.00994EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:6 a.m.8 views

CVE-2012-2324

Multiple SQL injection vulnerabilities in MyBB aka MyBulletinBoard before 1.6.7 allow remote administrators to execute arbitrary SQL commands via unspecified vectors in the 1 user search or 2 Mail Log in the Admin Control Panel ACP...

7.5CVSS8.9AI score0.01047EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 9:39 p.m.4 views

CVE-2009-2569

Multiple cross-site scripting XSS vulnerabilities in Verlihub Control Panel VHCP 1.7e allow remote attackers to inject arbitrary web script or HTML via 1 the nick parameter in a login action to index.php or 2 the URI in a news request to index.html...

4.3CVSS5.9AI score0.01761EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/21 8:53 p.m.6 views

CVE-2005-4861

functions.php in Ragnarok Online Control Panel ROCP 4.3.4a allows remote attackers to bypass authentication by requesting accountmanage.php with a trailing "/login.php" PHPSELF value, which is not properly handled by the CHECKAUTH function...

7.5CVSS7.3AI score0.01483EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/25 11:12 p.m.7 views

CVE-2025-39556

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in mediavine Mediavine Control Panel mediavine-control-panel allows Retrieve Embedded Sensitive Data.This issue affects Mediavine Control Panel: from n/a through = 2.10.6...

5.3CVSS7.2AI score0.00402EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/04/23 2:37 a.m.4 views

SUSE CVE-2025-43919

GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman aka the private archive authentication endpoint via the username parameter. NOTE: multiple third parties report that they are unable t...

7.5CVSS7.3AI score0.01403EPSS
Exploits3References3
Rows per page
Query Builder