Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vestacp vesta control panel 0.9.8-24 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-43693
vesta 0.9.8-24 is affected by a file inclusion vulnerability in file web/add/user/index.php.
Vestacp Vesta Control Panel 0.9.8-24
8.8
CVSSv3
CVE-2019-12792
A command injection vulnerability in UploadHandler.php in Vesta Control Panel 0.9.8-24 allows remote malicious users to escalate from regular registered users to root.
Vestacp Control Panel 0.9.8-24
8.8
CVSSv3
CVE-2019-12791
A directory traversal vulnerability in the v-list-user script in Vesta Control Panel 0.9.8-24 allows remote malicious users to escalate from regular registered users to root via the password reset form.
Vestacp Control Panel 0.9.8-24
7.2
CVSSv3
CVE-2021-30462
VestaCP up to and including 0.9.8-24 allows the admin user to escalate privileges to root because the Sudo configuration does not require a password to run /usr/local/vesta/bin scripts.
Vestacp Vesta Control Panel
7.8
CVSSv3
CVE-2021-30463
VestaCP up to and including 0.9.8-24 allows malicious users to gain privileges by creating symlinks to files for which they lack permissions. After reading the RKEY value from user.conf under the /usr/local/vesta/data/users/admin directory, the admin password can be changed via a...
Vestacp Control Panel
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started