Filtered by vendor Ajenti
Subscribe
Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-1000080 | 1 Ajenti | 1 Ajenti | 2019-10-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| Ajenti version version 2 contains a Insecure Permissions vulnerability in Plugins download that can result in The download of any plugins as being a normal user. This attack appear to be exploitable via By knowing how the requisition is made, and sending it as a normal user, the server, in response, downloads the plugin. | |||||
| CVE-2018-18548 | 1 Ajenti | 1 Ajenticp | 2018-12-06 | 4.3 MEDIUM | 6.1 MEDIUM |
| ajenticp (aka Ajenti Docker control panel) for Ajenti through v1.2.23.13 has XSS via a filename that is mishandled in File Manager. | |||||
| CVE-2018-1000083 | 1 Ajenti | 1 Ajenti | 2018-04-06 | 5.0 MEDIUM | 5.3 MEDIUM |
| Ajenti version version 2 contains a Improper Error Handling vulnerability in Login JSON request that can result in The requisition leaks a path of the server. This attack appear to be exploitable via By sending a malformed JSON, the tool responds with a traceback error that leaks a path of the server. | |||||