Easy Hosting Control Panel Security Vulnerabilities and Issues — Easy Hosting Control Panel CVE List

Lucene search

EhcpEasy Hosting Control Panel

6 matches found

CVE•added 2018/05/11 9:29 p.m.•40 views

CVE-2018-6458

Easy Hosting Control Panel (EHCP) v0.37.12.b allows remote attackers to conduct cross-site request forgery (CSRF) attacks by leveraging lack of CSRF protection.

8.8CVSS8.8AI score0.01929EPSS

CVE•added 2018/05/11 9:29 p.m.•32 views

CVE-2018-6619

Easy Hosting Control Panel (EHCP) v0.37.12.b makes it easier for attackers to crack database passwords by leveraging use of a weak hashing algorithm without a salt.

7.8CVSS7.5AI score0.00038EPSS

CVE•added 2018/05/11 9:29 p.m.•31 views

CVE-2018-6617

Easy Hosting Control Panel (EHCP) v0.37.12.b, when using a local MySQL server, allows attackers to change passwords of arbitrary database users by leveraging failure to ask for the current password.

7.8CVSS7.4AI score0.00072EPSS

CVE•added 2018/05/11 9:29 p.m.•29 views

CVE-2018-6361

Easy Hosting Control Panel (EHCP) v0.37.12.b has XSS via the op parameter, as demonstrated by adding a backdoor FTP account.

6.1CVSS5.9AI score0.01773EPSS

CVE•added 2018/05/11 9:29 p.m.•29 views

CVE-2018-6362

Easy Hosting Control Panel (EHCP) v0.37.12.b has XSS via the domainop action parameter, as demonstrated by reading the PHPSESSID cookie.

6.1CVSS6AI score0.00234EPSS

CVE•added 2018/05/11 9:29 p.m.•23 views

CVE-2018-6618

Easy Hosting Control Panel (EHCP) v0.37.12.b allows attackers to obtain sensitive information by leveraging cleartext password storage.

7.8CVSS7.4AI score0.00072EPSS