Lucene search
K

2125 matches found

Vulnrichment
Vulnrichment
added 2022/10/24 12:0 a.m.6 views

CVE-2021-46850

myVesta Control Panel before 0.9.8-26-43 and Vesta Control Panel before 0.9.8-26 are vulnerable to command injection. An authenticated and remote administrative user can execute arbitrary commands via the vsftplicense parameter when sending HTTP POST requests to the /edit/server endpoint...

7.6AI score0.05241EPSS
Exploits1References5
CNNVD
CNNVD
added 2022/10/24 12:0 a.m.6 views

Vesta Control Panel 参数注入漏洞

Vesta Control Panel VestaCP is an open source web hosting control panel. A parameter injection vulnerability exists in Vesta Control Panel versions prior to 0.9.8-26-43 and Vesta Control Panel versions prior to 0.9.8-26, which stems from the fact that when it sends an HTTP POST request to the...

7.2CVSS7.7AI score0.05241EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2022/10/24 12:0 a.m.7 views

PT-2022-12942 · Unknown · Vesta Control Panel

Name of the Vulnerable Software and Affected Versions: myVesta Control Panel versions prior to 0.9.8-26-43 Vesta Control Panel versions prior to 0.9.8-26 Description: The issue allows an authenticated and remote administrative user to execute arbitrary commands. This can be achieved by sending HT...

7.2CVSS7.3AI score0.05241EPSS
Exploits1References7
CVE
CVE
added 2022/10/24 12:0 a.m.67 views

CVE-2021-46850

CVE-2021-46850 affects myVesta Control Panel <0.9.8-26-43 and Vesta Control Panel

7.2CVSS7.5AI score0.05241EPSS
Exploits1References5Affected Software2
CNNVD
CNNVD
added 2022/10/13 12:0 a.m.4 views

iCMS 代码问题漏洞

iCMS is a software application. An efficient and simple content management system built with PHP and MySQL. A security vulnerability exists in iCMS version v7.0.16, which originates from a server-side request forgery SSRF contained in the url parameter via admincp.php...

9.8CVSS8.4AI score0.0089EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/10/13 12:0 a.m.6 views

CVE-2022-41496

iCMS v7.0.16 was discovered to contain a Server-Side Request Forgery SSRF via the url parameter at admincp.php...

9.7AI score0.0089EPSS
Exploits1References1
Check Point Advisories
Check Point Advisories
added 2022/09/22 12:0 a.m.6 views

Easy Hosting Control Panel Cross-Site Request Forgery (CVE-2018-6458)

A cross-site request forgery vulnerability exists in Easy Hosting Control Panel. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

6.8CVSS4.5AI score0.10463EPSS
Exploits2
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/16 12:51 p.m.36 views

Security Bulletin: Rational Test Control Panel component in Rational Test Virtualization Server and Rational Test Workbench is vulnerable to a denial of service attack in Spring Framework (CVE-2022-22971)

Summary Spring Framework is vulnerable to a security issue affecting Rational Test Control Panel Vulnerability Details CVEID:CVE-2022-22971 DESCRIPTION: Vmware Tanzu Spring Framework is vulnerable to a denial of service, caused by a flaw with a STOMP over WebSocket endpoint. By sending a...

6.5CVSS6.5AI score0.02931EPSS
Exploits0Affected Software2
Prion
Prion
added 2022/09/02 10:15 p.m.13 views

Arbitrary file deletion

A local file disclosure vulnerability in /appConfig/userDB.json of Telos Alliance Omnia MPX Node through 1.0.0-1.4.9 allows attackers to access users credentials which makes him able to gain initial access to the control panel with high privilege because the cleartext storage of sensitive...

7.5CVSS8.9AI score0.09044EPSS
Exploits1References5Affected Software1
Malwarebytes
Malwarebytes
added 2022/08/29 4:0 p.m.19 views

Playing Doom on a John Deere tractor with Sick Codes: Lock and Code S03E18

In 1993, the video game developers at id Software released Doom, a first-person shooter that placed a nameless protagonist into the fiery depths of hell, equipped with an arsenal of weapons to mow down imps, demons, lost souls, and the intimidating "Barons of Hell." In 2022, the hacker Sick Codes...

0.1AI score
Exploits0
CNNVD
CNNVD
added 2022/07/19 12:0 a.m.5 views

Vesta Control Panel 跨站脚本漏洞

Vesta Control Panel VestaCP is an open source web hosting control panel. A security vulnerability exists in Vesta Control Panel version v1.0.0-5, which stems from the discovery that the post function via /web/api/v1/upload/UploadHandler.php contains a cross-site scripting XSS vulnerability...

6.1CVSS5.9AI score0.00441EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/07/19 12:0 a.m.3 views

Vesta Control Panel 跨站脚本漏洞

Vesta Control Panel VestaCP is an open source web hosting control panel. A security vulnerability exists in Vesta Control Panel version v1.0.0-5, which stems from a security issue in the handlefileupload function in UploadHandler.php...

6.1CVSS6.2AI score0.00441EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/07/19 12:0 a.m.3 views

Vesta Control Panel 跨站脚本漏洞

Vesta Control Panel VestaCP is an open source web hosting control panel. A security vulnerability exists in Vesta Control Panel version v1.0.0-5, which stems from a security issue in the generateresponse function in UploadHandler.php...

6.1CVSS6.2AI score0.00441EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/07/19 12:0 a.m.3 views

Vesta Control Panel 跨站脚本漏洞

Vesta Control Panel VestaCP is an open source web hosting control panel. A security vulnerability exists in Vesta Control Panel version v1.0.0-5, which stems from a security issue in the body function of UploadHandler.php...

6.1CVSS6.2AI score0.00441EPSS
Exploits1References2
Kaspersky
Kaspersky
added 2022/07/12 12:0 a.m.28 views

KLA12583 SUI vulnerability in Microsoft System Center

A tampering vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2022-33637 Related products Microsoft-Defender-for-Endpoint-for-Windows CVE list CVE-2022-33637 high KB list Solution Install necessary...

6.5CVSS7.1AI score0.01203EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/07/07 12:0 a.m.15 views

CWP Panel 操作系统命令注入漏洞

CWP Panel is a modern and advanced Linux control panel from CWP Inc. It is suitable for web hosting service providers and system administrators. A security vulnerability exists in CWP Panel version v0.9.8.1126. An attacker can exploit the vulnerability to run commands as root user...

9CVSS8AI score0.18236EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/07/07 12:0 a.m.3 views

CWP Panel 安全特征问题漏洞

CWP Panel is a modern and advanced Linux control panel from CWP Inc. for web hosting service providers and system administrators. A security vulnerability exists in CWP Panel version v0.9.8.1126, which stems from a password reset token being generated using known or predictable values...

5.9CVSS6AI score0.0154EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2022/06/20 12:0 a.m.354 views

Algo 8028 Control Panel Remote Code Execution

Exploit Title: Algo 8028 Control Panel - Remote Code Execution RCE Authenticated Google Dork: intitle:"Algo 8028 Control Panel" Shodan: title:"Algo 8028 Control Panel" Date: 2022-06-07 Exploit Author: Filip Carlsson Vendor Homepage: https://www.algosolutions.com/ Software Link:...

0.4AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/16 5:10 p.m.57 views

Security Bulletin: Rational Test Control Panel component in Rational Test Virtualization Server and Rational Test Workbench is affected but not classified as vulnerable by a remote code execution in Spring Framework (CVE-2022-22965)

Summary Rational Test Control Panel is affected but not vulnerable to a remote code execution in Spring Framework CVE-2022-22965 as it does not meet all of the following criteria: 1. JDK 9 or higher, 2. Apache Tomcat as the Servlet container, 3. Packaged as WAR in contrast to a Spring Boot...

9.8CVSS1.2AI score0.99677EPSS
Exploits100Affected Software2
0day.today
0day.today
added 2022/06/14 12:0 a.m.252 views

Algo 8028 Control Panel - Remote Code Execution (Authenticated) Exploit

Exploit Title: Algo 8028 Control Panel - Remote Code Execution RCE Authenticated Google Dork: intitle:"Algo 8028 Control Panel" Shodan: title:"Algo 8028 Control Panel" Exploit Author: Filip Carlsson Vendor Homepage: https://www.algosolutions.com/ Software Link:...

7.4AI score
Exploits0
Rows per page
Query Builder