Control Panel Security Vulnerabilities and Issues — Control Panel CVE List

Command Injection Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.12. An authenticated remote attacker with low privileges can execute arbitrary code under root context.

9.9CVSS9.1AI score0.01681EPSS

CVE•added 2022/03/04 12:15 p.m.•65 views

CVE-2022-0752

Cross-site Scripting (XSS) - Generic in GitHub repository hestiacp/hestiacp prior to 1.5.9.

6.1CVSS4.9AI score0.00297EPSS

CVE•added 2022/08/05 10:15 a.m.•52 views

CVE-2022-2636

Improper Control of Generation of Code ('Code Injection') in GitHub repository hestiacp/hestiacp prior to 1.6.6.

8.8CVSS8.9AI score0.00126EPSS

CVE•added 2022/08/05 9:15 a.m.•49 views

CVE-2022-2626

Incorrect Privilege Assignment in GitHub repository hestiacp/hestiacp prior to 1.6.6.

9.1CVSS7.3AI score0.00079EPSS

CVE•added 2022/07/27 3:15 p.m.•48 views

CVE-2022-2550

OS Command Injection in GitHub repository hestiacp/hestiacp prior to 1.6.5.

9.9CVSS9AI score0.29271EPSS

CVE•added 2022/08/18 5:15 a.m.•39 views

CVE-2021-30071

A cross-site scripting (XSS) vulnerability in /admin/list_key.html of HestiaCP before v1.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

6.1CVSS5.9AI score0.00085EPSS