Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vestacp vesta control panel 0.9.8-24 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-43693
vesta 0.9.8-24 is affected by a file inclusion vulnerability in file web/add/user/index.php.
Vestacp Vesta Control Panel 0.9.8-24
8.8
CVSSv3
CVE-2019-12792
A command injection vulnerability in UploadHandler.php in Vesta Control Panel 0.9.8-24 allows remote malicious users to escalate from regular registered users to root.
Vestacp Control Panel 0.9.8-24
8.8
CVSSv3
CVE-2019-12791
A directory traversal vulnerability in the v-list-user script in Vesta Control Panel 0.9.8-24 allows remote malicious users to escalate from regular registered users to root via the password reset form.
Vestacp Control Panel 0.9.8-24
7.2
CVSSv3
CVE-2021-30462
VestaCP up to and including 0.9.8-24 allows the admin user to escalate privileges to root because the Sudo configuration does not require a password to run /usr/local/vesta/bin scripts.
Vestacp Vesta Control Panel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started