Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hestiacp control panel vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-10966
In the Password Reset Module in VESTA Control Panel up to and including 0.9.8-25 and Hestia Control Panel prior to 1.1.1, Host header manipulation leads to account takeover because the victim receives a reset URL containing an attacker-controlled server name.
Hestiacp Control Panel
Vestacp Control Panel
383
VMScore
CVE-2022-0986
Reflected Cross-site Scripting (XSS) Vulnerability in GitHub repository hestiacp/hestiacp before 1.5.11.
Hestiacp Control Panel
668
VMScore
CVE-2021-3797
hestiacp is vulnerable to Use of Wrong Operator in String Comparison
Hestiacp Control Panel
NA
CVE-2023-5839
Privilege Chaining in GitHub repository hestiacp/hestiacp before 1.8.9.
Hestiacp Control Panel
NA
CVE-2022-2626
Incorrect Privilege Assignment in GitHub repository hestiacp/hestiacp before 1.6.6.
Hestiacp Control Panel
NA
CVE-2022-2636
Improper Control of Generation of Code ('Code Injection') in GitHub repository hestiacp/hestiacp before 1.6.6.
Hestiacp Control Panel
383
VMScore
CVE-2022-0753
Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp before 1.5.9.
Hestiacp Control Panel
383
VMScore
CVE-2022-0838
Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp before 1.5.10.
Hestiacp Control Panel
801
VMScore
CVE-2022-1509
Sed Injection Vulnerability in GitHub repository hestiacp/hestiacp before 1.5.12. An authenticated remote attacker with low privileges can execute arbitrary code under root context.
Hestiacp Control Panel
NA
CVE-2023-3479
Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp before 1.7.8.
Hestiacp Control Panel
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »