Hestiacp: >> Control Panel >> 0.9.8-28 Security Vulnerabilities
Privilege Chaining in GitHub repository hestiacp/hestiacp prior to 1.8.9.
CVSS Score
8.8
EPSS Score
0.0
Published
2023-10-29
Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.7.8.
CVSS Score
4.3
EPSS Score
0.153
Published
2023-06-30
A cross-site scripting (XSS) vulnerability in /admin/list_key.html of HestiaCP before v1.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
CVSS Score
6.1
EPSS Score
0.001
Published
2022-08-18
Improper Control of Generation of Code ('Code Injection') in GitHub repository hestiacp/hestiacp prior to 1.6.6.
CVSS Score
8.5
EPSS Score
0.001
Published
2022-08-05
Incorrect Privilege Assignment in GitHub repository hestiacp/hestiacp prior to 1.6.6.
CVSS Score
9.1
EPSS Score
0.001
Published
2022-08-05
OS Command Injection in GitHub repository hestiacp/hestiacp prior to 1.6.5.
CVSS Score
9.9
EPSS Score
0.293
Published
2022-07-27
Command Injection Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.12. An authenticated remote attacker with low privileges can execute arbitrary code under root context.
CVSS Score
9.9
EPSS Score
0.017
Published
2022-04-28
Reflected Cross-site Scripting (XSS) Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.11.
CVSS Score
2.4
EPSS Score
0.003
Published
2022-03-16
Cross-site Scripting (XSS) - Generic in GitHub repository hestiacp/hestiacp prior to 1.5.9.
CVSS Score
3.5
EPSS Score
0.003
Published
2022-03-04
Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.5.10.
CVSS Score
6.6
EPSS Score
0.009
Published
2022-03-04
Page 1