2 matches found
CVE-2018-6617
EHCP v0.37.12.b is affected: when using a local MySQL server, an attacker can change passwords of arbitrary database users because EHCP fails to prompt for the current password when setting a new one. This is a local-attack vector with high impact on confidentiality and integrity of database cred...
Easy Hosting Control Panel 0.37.12.b Unverified Password Change
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/EHCP-v0.37.12.b-UNVERIFIED-PASSWORD-CHANGE.txt + ISR: Apparition Security Greetz: indoushka|Eduardo|Dirty0tis Vendor: ============= www.ehcp.net Product: =========== Easy Hosting Control...