12 matches found
CVE-2021-28379
web/upload/UploadHandler.php in Vesta Control Panel aka VestaCP through 0.9.8-27 and myVesta through 0.9.8-26-39 allows uploads from a different origin...
CVE-2021-46850
myVesta Control Panel before 0.9.8-26-43 and Vesta Control Panel before 0.9.8-26 are vulnerable to command injection. An authenticated and remote administrative user can execute arbitrary commands via the vsftplicense parameter when sending HTTP POST requests to the /edit/server endpoint...
Command injection
myVesta Control Panel before 0.9.8-26-43 and Vesta Control Panel before 0.9.8-26 are vulnerable to command injection. An authenticated and remote administrative user can execute arbitrary commands via the vsftplicense parameter when sending HTTP POST requests to the /edit/server endpoint...
CVE-2021-46850
CVE-2021-46850 affects myVesta Control Panel <0.9.8-26-43 and Vesta Control Panel
Cross-Site Request Forgery (CSRF) in myvesta/vesta
Description: Attacker is able to rename any file on the server if a logged-in user visits the attacker's website. Proof of Concept: Create a test.txt file under /home/user. When you are logged in, open this POC.html in a browser; you can check that test.txt is renamed to test.php. //PoC.html history.pushState'',...
Cross-Site Request Forgery (CSRF) in myvesta/vesta
Description: The download/web-log endpoint does not have CSRF protection. This could be used to force a download of the error log and potentially leak sensitive information. Proof of Concept: Log in to a user account. Create the following POC.html file and open the page in a browser. To verify that you...
Cross-Site Request Forgery (CSRF) in myvesta/vesta
Description: Attacker is able to "delete" an element from favorites. This vulnerability happens on some sections, for example on the "Firewall" tab list/firewall/. Proof of Concept: 1. When you are logged in, open this POC.html in a browser. 2. You can check that, unintentionally, the first record is deleted from...
Cross-Site Request Forgery (CSRF) in myvesta/vesta
Description: Attacker is able to add an element to favorites. This vulnerability happens on some sections, for example on the "Firewall" tab list/firewall/. Proof of Concept: 1. When you are logged in, open this POC.html in a browser. 2. You can check that, unintentionally, the first record is saved as a favorite...
Cross-Site Request Forgery (CSRF) in myvesta/vesta
Description: Attacker is able to log out a user if a logged-in user visits the attacker's website. Proof of Concept: 1. When you are logged in, open this POC.html in a browser. 2. You can check that, unintentionally, you are logged out. history.pushState'', '', '/' document.forms0.submit; Impact: This vulnerability is...
CVE-2021-28379
CVE-2021-28379 affects Vesta Control Panel (VestaCP) and myVesta up to versions 0.9.8-27 / 0.9.8-26-39, where web/upload/UploadHandler.php does not enforce origin checks, allowing cross-origin file uploads. The vulnerability is described as a CSRF-style/file upload issue that can enable uploading...