Vulnerability Details CVE-2015-4117
Vesta Control Panel before 0.9.8-14 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the backup parameter to list/backup/index.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.12
EPSS Ranking 93.4%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
Products affected by CVE-2015-4117
-
cpe:2.3:a:vestacp:control_panel:0.9.7-13
-
cpe:2.3:a:vestacp:control_panel:0.9.7-14
-
cpe:2.3:a:vestacp:control_panel:0.9.7-15
-
cpe:2.3:a:vestacp:control_panel:0.9.7-16
-
cpe:2.3:a:vestacp:control_panel:0.9.7-17
-
cpe:2.3:a:vestacp:control_panel:0.9.7-18
-
cpe:2.3:a:vestacp:control_panel:0.9.7-19
-
cpe:2.3:a:vestacp:control_panel:0.9.7-20
-
cpe:2.3:a:vestacp:control_panel:0.9.7-21
-
cpe:2.3:a:vestacp:control_panel:0.9.7-22
-
cpe:2.3:a:vestacp:control_panel:0.9.8-1
-
cpe:2.3:a:vestacp:control_panel:0.9.8-10
-
cpe:2.3:a:vestacp:control_panel:0.9.8-11
-
cpe:2.3:a:vestacp:control_panel:0.9.8-12
-
cpe:2.3:a:vestacp:control_panel:0.9.8-13
-
cpe:2.3:a:vestacp:control_panel:0.9.8-2
-
cpe:2.3:a:vestacp:control_panel:0.9.8-3
-
cpe:2.3:a:vestacp:control_panel:0.9.8-4
-
cpe:2.3:a:vestacp:control_panel:0.9.8-5
-
cpe:2.3:a:vestacp:control_panel:0.9.8-6
-
cpe:2.3:a:vestacp:control_panel:0.9.8-7
-
cpe:2.3:a:vestacp:control_panel:0.9.8-8
-
cpe:2.3:a:vestacp:control_panel:0.9.8-9