2 matches found
CVE-2019-9859
Vesta Control Panel VestaCP 0.9.7 through 0.9.8-23 is vulnerable to an authenticated command execution that can result in remote root access on the server. The platform works with PHP as the frontend language and uses shell scripts to execute system actions. PHP executes shell script through the...
CVE-2019-9859
CVE-2019-9859 affects Vesta Control Panel (VestaCP) versions 0.9.7 through 0.9.8-23. An authenticated attacker can trigger command execution via PHP that may escalate to remote root access. The vulnerability stems from how VestaCP uses the PHP function exec to run shell scripts and how escapeshel...