Show filters
17 Total Results
Displaying 11-17 of 17
Sort by:
Attacker Value
Unknown
CVE-2022-0986
Disclosure Date: March 16, 2022 (last updated October 07, 2023)
Reflected Cross-site Scripting (XSS) Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.11.
0
Attacker Value
Unknown
CVE-2022-0752
Disclosure Date: March 04, 2022 (last updated October 07, 2023)
Cross-site Scripting (XSS) - Generic in GitHub repository hestiacp/hestiacp prior to 1.5.9.
0
Attacker Value
Unknown
CVE-2022-0838
Disclosure Date: March 04, 2022 (last updated October 07, 2023)
Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.5.10.
0
Attacker Value
Unknown
CVE-2022-0753
Disclosure Date: March 03, 2022 (last updated October 07, 2023)
Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.5.9.
0
Attacker Value
Unknown
CVE-2021-3797
Disclosure Date: September 15, 2021 (last updated November 28, 2024)
hestiacp is vulnerable to Use of Wrong Operator in String Comparison
0
Attacker Value
Unknown
CVE-2021-27231
Disclosure Date: February 16, 2021 (last updated November 28, 2024)
Hestia Control Panel 1.3.5 and below, in a shared-hosting environment, sometimes allows remote authenticated users to create a subdomain for a different customer's domain name, leading to spoofing of services or email messages.
0
Attacker Value
Unknown
CVE-2020-10966
Disclosure Date: March 25, 2020 (last updated February 21, 2025)
In the Password Reset Module in VESTA Control Panel through 0.9.8-25 and Hestia Control Panel before 1.1.1, Host header manipulation leads to account takeover because the victim receives a reset URL containing an attacker-controlled server name.
0
