Lucene search
K

2125 matches found

SUSE CVE
SUSE CVE
added 2025/04/23 2:37 a.m.6 views

SUSE CVE-2025-43920

GNU Mailman 2.1.39, as bundled in cPanel and WHM, in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line. NOTE: multiple third parties report that they are unable to reproduce this, regardles...

8.1CVSS7.9AI score0.00493EPSS
Exploits2References3
OSV
OSV
added 2025/04/20 1:15 a.m.6 views

CVE-2025-43921

GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used...

5.3CVSS5.8AI score0.00379EPSS
Exploits1References4
OSV
OSV
added 2025/04/20 1:15 a.m.5 views

CVE-2025-43920

GNU Mailman 2.1.39, as bundled in cPanel and WHM, in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line. NOTE: multiple third parties report that they are unable to reproduce this, regardles...

8.1CVSS6.1AI score0.00493EPSS
Exploits2References4
OSV
OSV
added 2025/04/20 1:15 a.m.3 views

UBUNTU-CVE-2025-43920

GNU Mailman 2.1.39, as bundled in cPanel and WHM, in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line. NOTE: multiple third parties report that they are unable to reproduce this, regardles...

8.1CVSS6.1AI score0.00493EPSS
Exploits2References4
OSV
OSV
added 2025/04/20 1:15 a.m.0 views

UBUNTU-CVE-2025-43919

GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman aka the private archive authentication endpoint via the username parameter. NOTE: multiple third parties report that they are unable t...

7.5CVSS5.9AI score0.01403EPSS
Exploits3References4
Patchstack
Patchstack
added 2025/04/16 2:0 p.m.4 views

WordPress Mediavine Control Panel plugin <= 2.10.6 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by anhchangmutrang in WordPress Plugin Mediavine Control Panel versions = 2.10.6...

5.3CVSS8.5AI score0.00402EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/04/16 1:15 p.m.20 views

CVE-2025-39556

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in mediavine Mediavine Control Panel mediavine-control-panel allows Retrieve Embedded Sensitive Data.This issue affects Mediavine Control Panel: from n/a through = 2.10.6...

5.3CVSS0.00402EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/16 12:44 p.m.7 views

CVE-2025-39556 WordPress Mediavine Control Panel plugin <= 2.10.6 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in mediavine Mediavine Control Panel allows Retrieve Embedded Sensitive Data. This issue affects Mediavine Control Panel: from n/a through 2.10.6...

5.3CVSS7AI score0.00402EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/16 12:44 p.m.17 views

CVE-2025-39556 WordPress Mediavine Control Panel plugin <= 2.10.6 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in mediavine Mediavine Control Panel mediavine-control-panel allows Retrieve Embedded Sensitive Data.This issue affects Mediavine Control Panel: from n/a through = 2.10.6...

5.3CVSS0.00402EPSS
Exploits0References1
CVE
CVE
added 2025/04/16 12:44 p.m.48 views

CVE-2025-39556

CVE-2025-39556: Mediavine Control Panel plugin (WordPress)

5.3CVSS7.2AI score0.00402EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/16 12:0 a.m.2 views

WordPress plugin Mediavine Control Panel 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.2AI score0.00402EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/02 5:36 p.m.18 views

CVE-2025-30006

Xorcom CompletePBX is vulnerable to a reflected cross-site scripting XSS in the administrative control panel. This issue affects CompletePBX: all versions up to and prior to 5.2.35...

6.1CVSS6AI score0.00214EPSS
Exploits0References1
NVD
NVD
added 2025/03/31 5:15 p.m.21 views

CVE-2025-30006

Xorcom CompletePBX is vulnerable to a reflected cross-site scripting XSS in the administrative control panel. This issue affects CompletePBX: all versions up to and prior to 5.2.35...

6.1CVSS0.00214EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/31 4:49 p.m.38 views

CVE-2025-30006 Xorcom CompletePBX <= 5.2.35 Reflected Cross-Site Scripting

Xorcom CompletePBX is vulnerable to a reflected cross-site scripting XSS in the administrative control panel. This issue affects CompletePBX: all versions up to and prior to 5.2.35...

6.1CVSS0.00214EPSS
Exploits0References2
CVE
CVE
added 2025/03/31 4:49 p.m.61 views

CVE-2025-30006

CVE-2025-30006 describes a reflected cross-site scripting (XSS) vulnerability in the admin control panel of Xorcom CompletePBX . The issue affects all CompletePBX versions up to and including 5.2.35. The vulnerability arises in the administrative interface and is exploitable under the CVSS 3.1 me...

6.1CVSS6AI score0.00214EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/03/08 12:0 a.m.3 views

OpenPanel 安全漏洞

Open Panel is an open source game server control panel. An elevation of privilege vulnerability exists in Open Panel. An attacker can exploit this vulnerability to escalate privileges via the Fix Privileges feature...

8CVSS7.4AI score0.00421EPSS
Exploits2References5
Packet Storm
Packet Storm
added 2025/03/06 12:0 a.m.1162 views

Hestia Control Panel 1.9.3 Remote Code Execution

Hestia Control Panel version 1.9.3 suffers from a remote command execution vulnerability. Exploit Title: Hestia Control Panel Remote Code Execution Google Dork: N/A Date: 05-03-2025 Exploit Author: Buğra Enis Dönmez n3c1 Vendor Homepage: https://hestiacp.com/ Software Link: https://hestiacp.com/...

7.7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/03/05 12:0 a.m.4 views

The vulnerability of the bar files in the control panel of the software integration for IBM App Connect Enterprise allows a perpetrator to write any files into the file system.

The vulnerability of the bar files in the control panel of the IBM App Connect Enterprise software relates to incorrect path name restrictions for the restricted access directory. Exploiting this vulnerability could allow a malicious actor to write any files into the file system remotely...

6.8CVSS5.4AI score0.00459EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/02/27 12:0 a.m.1 views

Acronis Backup plugin for cPanel & WHM (Linux)和Acronis Backup extension for Plesk (Linux) 安全漏洞

Acronis Backup plugin for cPanel & WHM Linux and Acronis Backup extension for Plesk Linux are both plug-ins from Acronis Switzerland. A security vulnerability exists in Acronis Backup plugin for cPanel & WHM Linux and Acronis Backup extension for Plesk Linux, which stems from improper handling of...

5.5CVSS5.7AI score0.00181EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/02/27 12:0 a.m.3 views

PT-2025-9037 · Acronis · Acronis Backup Plugin For Cpanel & Whm +1

Name of the Vulnerable Software and Affected Versions: Acronis Backup plugin for cPanel & WHM Linux versions 1.8.4.866 and earlier Acronis Backup plugin for cPanel & WHM Linux versions 1.9.1.892 and earlier Acronis Backup extension for Plesk Linux versions 1.8.7.615 and earlier Description: The...

5.5CVSS7.3AI score0.00181EPSS
Exploits0References7
Rows per page
Query Builder