Name | Description |
---|---|
CVE-2023-5839 | Privilege Chaining in GitHub repository hestiacp/hestiacp prior to 1.8.9. |
CVE-2023-5084 | Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.8.8. |
CVE-2023-4517 | Cross-site Scripting (XSS) - Stored in GitHub repository hestiacp/hestiacp prior to 1.8.6. |
CVE-2023-3479 | Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.7.8. |
CVE-2022-2636 | Improper Control of Generation of Code ('Code Injection') in GitHub repository hestiacp/hestiacp prior to 1.6.6. |
CVE-2022-2626 | Incorrect Privilege Assignment in GitHub repository hestiacp/hestiacp prior to 1.6.6. |
CVE-2022-2550 | OS Command Injection in GitHub repository hestiacp/hestiacp prior to 1.6.5. |
CVE-2022-1509 | Sed Injection Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.12. An authenticated remote attacker with low privileges can execute arbitrary code under root context. |
CVE-2022-0986 | Reflected Cross-site Scripting (XSS) Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.11. |
CVE-2022-0838 | Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.5.10. |
CVE-2022-0753 | Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.5.9. |
CVE-2022-0752 | Cross-site Scripting (XSS) - Generic in GitHub repository hestiacp/hestiacp prior to 1.5.9. |
CVE-2021-3797 | hestiacp is vulnerable to Use of Wrong Operator in String Comparison |
CVE-2021-30071 | A cross-site scripting (XSS) vulnerability in /admin/list_key.html of HestiaCP before v1.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. |
CVE-2021-30070 | An issue was discovered in HestiaCP before v1.3.5. Attackers are able to arbitrarily install packages due to values taken from the pgk [] parameter in the update request being transmitted to the operating system's package manager. |
You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select “Other” from dropdown)
|
||