Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:53 a.m.8 views

CVE-2020-10808

Vesta Control Panel VestaCP through 0.9.8-26 allows Command Injection via the schedule/backup Backup Listing Endpoint. The attacker must be able to create a crafted filename on the server, as demonstrated by an FTP session that renames .bashlogout to a .bashlogout' substring followed by shell...

9CVSS7AI score0.77261EPSS
Exploits7References1
NVD
NVD
added 2020/03/22 5:15 p.m.18 views

CVE-2020-10808

Vesta Control Panel VestaCP through 0.9.8-26 allows Command Injection via the schedule/backup Backup Listing Endpoint. The attacker must be able to create a crafted filename on the server, as demonstrated by an FTP session that renames .bashlogout to a .bashlogout' substring followed by shell...

9CVSS8.7AI score0.77261EPSS
Exploits7References5
OSV
OSV
added 2020/03/22 5:15 p.m.6 views

CVE-2020-10808

Vesta Control Panel VestaCP through 0.9.8-26 allows Command Injection via the schedule/backup Backup Listing Endpoint. The attacker must be able to create a crafted filename on the server, as demonstrated by an FTP session that renames .bashlogout to a .bashlogout' substring followed by shell...

8.8CVSS5.8AI score0.77261EPSS
Exploits7References5
Positive Technologies
Positive Technologies
added 2020/03/22 12:0 a.m.3 views

PT-2020-12337 · Vestacp · Vesta Control Panel

Name of the Vulnerable Software and Affected Versions: Vesta Control Panel VestaCP versions 0.9.8-26 and earlier Description: The issue allows Command Injection via the "schedule/backup Backup Listing Endpoint". An attacker must be able to create a crafted filename on the server. This can be...

9CVSS8.6AI score0.77261EPSS
Exploits7References8
Rows per page
Query Builder