exploit the possibilities
Showing 1 - 9 of 9 RSS Feed

Files

VestaCP 0.9.8-22 Cross Site Scripting
Posted Oct 22, 2018
Authored by Numan OZDEMIR

VestaCP versions 0.9.8-22 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2018-18547
SHA-256 | 7467ba2804d2b29e8b8284ec7982fe323b4a208a86a9eca0cbc3bfd8757f194e

Related Files

VestaCP 0.9.8 Command Injection
Posted Mar 19, 2021
Authored by numan turle

VestaCP version 0.9.8 suffers from a command injection vulnerability.

tags | exploit
SHA-256 | 938b6d6c27f61c9809c0637869f486e2fe7cb522a5ec286367a8f2f9bb53eebb
VestaCP 0.9.8 Cross Site Scripting
Posted Mar 18, 2021
Authored by numan turle

VestaCP version 0.9.8 suffers from a persistent cross site scripting vulnerability. Original discovery of persistent cross site scripting was discovered in this version in February of 2016 by Necmettin COSKUN.

tags | exploit, xss
SHA-256 | 936b7288bed9dcf93c8a516f91cad5a07fbe2daf994ea79501c73aef2e6153aa
VestaCP 0.9.8 Cross Site Request Forgery
Posted Mar 17, 2021
Authored by Fady Othman

VestaCP version 0.9.8 suffers from a cross site request forgery that can be leveraged to add remote ssh access.

tags | exploit, remote, csrf
advisories | CVE-2021-28379
SHA-256 | d8e5b5595824f47b497814f48567128c28abd86490a24820989a572b16eb6f54
VestaCP 0.9.8-26 Session Validation
Posted Dec 4, 2020
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

VestaCP version 0.9.8-26 suffers from an insufficient session validation vulnerability.

tags | exploit
SHA-256 | 6159b79ee1c4557d55f413617ee3f2dcdd0659e7afec203a8cd037f6b89243be
VestaCP 0.9.8-26 Cross Site Scripting
Posted Dec 4, 2020
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

VestaCP version 0.9.8-26 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7e70fa744d9b07edcbfc4a161a26c921eb4218063ebaa6d7a2d8da58ea7d7db7
Vesta Control Panel Authenticated Remote Code Execution
Posted Apr 14, 2020
Authored by Mehmet Ince | Site metasploit.com

This Metasploit module exploits an authenticated command injection vulnerability in the v-list-user-backups bash script file in Vesta Control Panel to gain remote code execution as the root user.

tags | exploit, remote, root, code execution, bash
advisories | CVE-2020-10808
SHA-256 | a64694c4be6f8e142202272067ab8240d23b31e8f44348ffeb1c7d3cbe55c1cf
Vesta Control Panel Authenticated Remote Code Execution
Posted Apr 6, 2020
Authored by Mehmet Ince | Site metasploit.com

This Metasploit module exploits command injection vulnerability in v-list-user-backups bash script file. Low privileged authenticated users can execute arbitrary commands under the context of the root user. An authenticated attacker with a low privileges can inject a payload in the file name starts with dot. During the user backup process, this file name will be evaluated by the v-user-backup bash scripts. As result of that backup process, when an attacker try to list existing backups injected payload will be executed.

tags | exploit, arbitrary, root, bash
advisories | CVE-2020-10808
SHA-256 | c994018871aaf2d9fb2b0d77fe7087abdbe4671491c2b25721371a3f880b91c3
Vesta Control Panel 0.9.8-16 Local Privilege Escalation
Posted Dec 22, 2016
Authored by Jaka Hudoklin

Vesta Control Panel versions 0.9.7 through 0.9.8-16 suffer from a local privilege escalation vulnerability.

tags | exploit, local
SHA-256 | 92b3241e8441af834584c0d465c45d6ae5c0868954554b3b59ef1a096edb42da
Vesta Control Panel 0.9.8-15 Cross Site Scripting
Posted Feb 18, 2016
Authored by Necmettin COSKUN

Vesta Control Panel versions 0.9.8-15 and below suffer from a persistent cross site scripting vulnerability via the user agent.

tags | exploit, xss
SHA-256 | d430afd4621b5d62dad4b70ffff8d6258610f314f51abde198f22b3b9841fd8d
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close