2125 matches found
CVE-2021-46850
myVesta Control Panel before 0.9.8-26-43 and Vesta Control Panel before 0.9.8-26 are vulnerable to command injection. An authenticated and remote administrative user can execute arbitrary commands via the vsftplicense parameter when sending HTTP POST requests to the /edit/server endpoint...
Vesta Control Panel 参数注入漏洞
Vesta Control Panel VestaCP is an open source web hosting control panel. A parameter injection vulnerability exists in Vesta Control Panel versions prior to 0.9.8-26-43 and Vesta Control Panel versions prior to 0.9.8-26, which stems from the fact that when it sends an HTTP POST request to the...
PT-2022-12942 · Unknown · Vesta Control Panel
Name of the Vulnerable Software and Affected Versions: myVesta Control Panel versions prior to 0.9.8-26-43 Vesta Control Panel versions prior to 0.9.8-26 Description: The issue allows an authenticated and remote administrative user to execute arbitrary commands. This can be achieved by sending HT...
CVE-2021-46850
CVE-2021-46850 affects myVesta Control Panel <0.9.8-26-43 and Vesta Control Panel
iCMS 代码问题漏洞
iCMS is a software application. An efficient and simple content management system built with PHP and MySQL. A security vulnerability exists in iCMS version v7.0.16, which originates from a server-side request forgery SSRF contained in the url parameter via admincp.php...
CVE-2022-41496
iCMS v7.0.16 was discovered to contain a Server-Side Request Forgery SSRF via the url parameter at admincp.php...
Easy Hosting Control Panel Cross-Site Request Forgery (CVE-2018-6458)
A cross-site request forgery vulnerability exists in Easy Hosting Control Panel. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Security Bulletin: Rational Test Control Panel component in Rational Test Virtualization Server and Rational Test Workbench is vulnerable to a denial of service attack in Spring Framework (CVE-2022-22971)
Summary Spring Framework is vulnerable to a security issue affecting Rational Test Control Panel Vulnerability Details CVEID:CVE-2022-22971 DESCRIPTION: Vmware Tanzu Spring Framework is vulnerable to a denial of service, caused by a flaw with a STOMP over WebSocket endpoint. By sending a...
Arbitrary file deletion
A local file disclosure vulnerability in /appConfig/userDB.json of Telos Alliance Omnia MPX Node through 1.0.0-1.4.9 allows attackers to access users credentials which makes him able to gain initial access to the control panel with high privilege because the cleartext storage of sensitive...
Playing Doom on a John Deere tractor with Sick Codes: Lock and Code S03E18
In 1993, the video game developers at id Software released Doom, a first-person shooter that placed a nameless protagonist into the fiery depths of hell, equipped with an arsenal of weapons to mow down imps, demons, lost souls, and the intimidating "Barons of Hell." In 2022, the hacker Sick Codes...
Vesta Control Panel 跨站脚本漏洞
Vesta Control Panel VestaCP is an open source web hosting control panel. A security vulnerability exists in Vesta Control Panel version v1.0.0-5, which stems from the discovery that the post function via /web/api/v1/upload/UploadHandler.php contains a cross-site scripting XSS vulnerability...
Vesta Control Panel 跨站脚本漏洞
Vesta Control Panel VestaCP is an open source web hosting control panel. A security vulnerability exists in Vesta Control Panel version v1.0.0-5, which stems from a security issue in the handlefileupload function in UploadHandler.php...
Vesta Control Panel 跨站脚本漏洞
Vesta Control Panel VestaCP is an open source web hosting control panel. A security vulnerability exists in Vesta Control Panel version v1.0.0-5, which stems from a security issue in the generateresponse function in UploadHandler.php...
Vesta Control Panel 跨站脚本漏洞
Vesta Control Panel VestaCP is an open source web hosting control panel. A security vulnerability exists in Vesta Control Panel version v1.0.0-5, which stems from a security issue in the body function of UploadHandler.php...
KLA12583 SUI vulnerability in Microsoft System Center
A tampering vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2022-33637 Related products Microsoft-Defender-for-Endpoint-for-Windows CVE list CVE-2022-33637 high KB list Solution Install necessary...
CWP Panel 操作系统命令注入漏洞
CWP Panel is a modern and advanced Linux control panel from CWP Inc. It is suitable for web hosting service providers and system administrators. A security vulnerability exists in CWP Panel version v0.9.8.1126. An attacker can exploit the vulnerability to run commands as root user...
CWP Panel 安全特征问题漏洞
CWP Panel is a modern and advanced Linux control panel from CWP Inc. for web hosting service providers and system administrators. A security vulnerability exists in CWP Panel version v0.9.8.1126, which stems from a password reset token being generated using known or predictable values...
Algo 8028 Control Panel Remote Code Execution
Exploit Title: Algo 8028 Control Panel - Remote Code Execution RCE Authenticated Google Dork: intitle:"Algo 8028 Control Panel" Shodan: title:"Algo 8028 Control Panel" Date: 2022-06-07 Exploit Author: Filip Carlsson Vendor Homepage: https://www.algosolutions.com/ Software Link:...
Security Bulletin: Rational Test Control Panel component in Rational Test Virtualization Server and Rational Test Workbench is affected but not classified as vulnerable by a remote code execution in Spring Framework (CVE-2022-22965)
Summary Rational Test Control Panel is affected but not vulnerable to a remote code execution in Spring Framework CVE-2022-22965 as it does not meet all of the following criteria: 1. JDK 9 or higher, 2. Apache Tomcat as the Servlet container, 3. Packaged as WAR in contrast to a Spring Boot...
Algo 8028 Control Panel - Remote Code Execution (Authenticated) Exploit
Exploit Title: Algo 8028 Control Panel - Remote Code Execution RCE Authenticated Google Dork: intitle:"Algo 8028 Control Panel" Shodan: title:"Algo 8028 Control Panel" Exploit Author: Filip Carlsson Vendor Homepage: https://www.algosolutions.com/ Software Link:...