Vulnerabilites related to ispconfig - ispconfig
CVE-2023-46818 (GCVE-0-2023-46818)
Vulnerability from cvelistv5
Published
2023-10-27 00:00
Modified
2024-10-11 17:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the language file editor by an admin if admin_allow_langedit is enabled.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:53:21.801Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.ispconfig.org/blog/ispconfig-3-2-11p1-released/"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176126/ISPConfig-3.2.11-PHP-Code-Injection.html"
},
{
"name": "20231212 [KIS-2023-13] ISPConfig \u003c= 3.2.11 (language_edit.php) PHP Code Injection Vulnerability",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Dec/2"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-46818",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-31T15:05:52.828918Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-11T17:06:17.464Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the language file editor by an admin if admin_allow_langedit is enabled."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-13T00:06:36.798543",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.ispconfig.org/blog/ispconfig-3-2-11p1-released/"
},
{
"url": "http://packetstormsecurity.com/files/176126/ISPConfig-3.2.11-PHP-Code-Injection.html"
},
{
"name": "20231212 [KIS-2023-13] ISPConfig \u003c= 3.2.11 (language_edit.php) PHP Code Injection Vulnerability",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2023/Dec/2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-46818",
"datePublished": "2023-10-27T00:00:00",
"dateReserved": "2023-10-27T00:00:00",
"dateUpdated": "2024-10-11T17:06:17.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-4118 (GCVE-0-2015-4118)
Vulnerability from cvelistv5
Published
2015-06-15 15:00
Modified
2024-08-06 06:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
SQL injection vulnerability in monitor/show_sys_state.php in ISPConfig before 3.0.5.4p7 allows remote authenticated users with monitor permissions to execute arbitrary SQL commands via the server parameter. NOTE: this can be leveraged by remote attackers using CVE-2015-4119.2.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/535734/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://bugtracker.ispconfig.org/index.php?do=details&task_id=3898 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/75126 | vdb-entry, x_refsource_BID | |
| http://packetstormsecurity.com/files/132238/ISPConfig-3.0.5.4p6-SQL-Injection-Cross-Site-Request-Forgery.html | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/37259/ | exploit, x_refsource_EXPLOIT-DB | |
| https://www.htbridge.com/advisory/HTB23260 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:04:02.920Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150610 Multiple Vulnerabilities in ISPConfig",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/535734/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugtracker.ispconfig.org/index.php?do=details\u0026task_id=3898"
},
{
"name": "75126",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75126"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/132238/ISPConfig-3.0.5.4p6-SQL-Injection-Cross-Site-Request-Forgery.html"
},
{
"name": "37259",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/37259/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.htbridge.com/advisory/HTB23260"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in monitor/show_sys_state.php in ISPConfig before 3.0.5.4p7 allows remote authenticated users with monitor permissions to execute arbitrary SQL commands via the server parameter. NOTE: this can be leveraged by remote attackers using CVE-2015-4119.2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20150610 Multiple Vulnerabilities in ISPConfig",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/535734/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugtracker.ispconfig.org/index.php?do=details\u0026task_id=3898"
},
{
"name": "75126",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75126"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/132238/ISPConfig-3.0.5.4p6-SQL-Injection-Cross-Site-Request-Forgery.html"
},
{
"name": "37259",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/37259/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.htbridge.com/advisory/HTB23260"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4118",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in monitor/show_sys_state.php in ISPConfig before 3.0.5.4p7 allows remote authenticated users with monitor permissions to execute arbitrary SQL commands via the server parameter. NOTE: this can be leveraged by remote attackers using CVE-2015-4119.2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150610 Multiple Vulnerabilities in ISPConfig",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535734/100/0/threaded"
},
{
"name": "http://bugtracker.ispconfig.org/index.php?do=details\u0026task_id=3898",
"refsource": "CONFIRM",
"url": "http://bugtracker.ispconfig.org/index.php?do=details\u0026task_id=3898"
},
{
"name": "75126",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75126"
},
{
"name": "http://packetstormsecurity.com/files/132238/ISPConfig-3.0.5.4p6-SQL-Injection-Cross-Site-Request-Forgery.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132238/ISPConfig-3.0.5.4p6-SQL-Injection-Cross-Site-Request-Forgery.html"
},
{
"name": "37259",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37259/"
},
{
"name": "https://www.htbridge.com/advisory/HTB23260",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/HTB23260"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-4118",
"datePublished": "2015-06-15T15:00:00",
"dateReserved": "2015-05-28T00:00:00",
"dateUpdated": "2024-08-06T06:04:02.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2315 (GCVE-0-2006-2315)
Vulnerability from cvelistv5
Published
2006-05-12 00:00
Modified
2024-08-07 17:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
PHP remote file inclusion vulnerability in session.inc.php in ISPConfig 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the go_info[server][classes_root] parameter. NOTE: the vendor has disputed this vulnerability, saying that session.inc.php is not under the web root in version 2.2, and register_globals is not enabled
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/17909 | vdb-entry, x_refsource_BID | |
| http://www.osvdb.org/25355 | vdb-entry, x_refsource_OSVDB | |
| http://www.vupen.com/english/advisories/2006/1727 | vdb-entry, x_refsource_VUPEN | |
| https://www.exploit-db.com/exploits/1762 | exploit, x_refsource_EXPLOIT-DB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/26299 | vdb-entry, x_refsource_XF | |
| http://www.howtoforge.com/forums/showthread.php?t=4123 | x_refsource_MISC | |
| http://secunia.com/advisories/19994 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.xorcrew.net/xpa/XPA-ISPConfig.txt | x_refsource_MISC | |
| http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/045855.html | mailing-list, x_refsource_FULLDISC | |
| http://www.securityfocus.com/archive/1/437456/100/200/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:43:29.174Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "17909",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17909"
},
{
"name": "25355",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/25355"
},
{
"name": "ADV-2006-1727",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1727"
},
{
"name": "1762",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/1762"
},
{
"name": "ispconfig-session-inc-file-include(26299)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26299"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.howtoforge.com/forums/showthread.php?t=4123"
},
{
"name": "19994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19994"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.xorcrew.net/xpa/XPA-ISPConfig.txt"
},
{
"name": "20060507 [XPA] - ISPConfig \u003c= 2.2.2 - Remote Command Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/045855.html"
},
{
"name": "20060616 Re: [Bugtraq ID: 17909] ISPConfig Session.INC.PHP Remote File Include Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/437456/100/200/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in session.inc.php in ISPConfig 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the go_info[server][classes_root] parameter. NOTE: the vendor has disputed this vulnerability, saying that session.inc.php is not under the web root in version 2.2, and register_globals is not enabled"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "17909",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17909"
},
{
"name": "25355",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/25355"
},
{
"name": "ADV-2006-1727",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1727"
},
{
"name": "1762",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/1762"
},
{
"name": "ispconfig-session-inc-file-include(26299)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26299"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.howtoforge.com/forums/showthread.php?t=4123"
},
{
"name": "19994",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19994"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.xorcrew.net/xpa/XPA-ISPConfig.txt"
},
{
"name": "20060507 [XPA] - ISPConfig \u003c= 2.2.2 - Remote Command Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/045855.html"
},
{
"name": "20060616 Re: [Bugtraq ID: 17909] ISPConfig Session.INC.PHP Remote File Include Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/437456/100/200/threaded"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** PHP remote file inclusion vulnerability in session.inc.php in ISPConfig 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the go_info[server][classes_root] parameter. NOTE: the vendor has disputed this vulnerability, saying that session.inc.php is not under the web root in version 2.2, and register_globals is not enabled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17909",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17909"
},
{
"name": "25355",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25355"
},
{
"name": "ADV-2006-1727",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1727"
},
{
"name": "1762",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/1762"
},
{
"name": "ispconfig-session-inc-file-include(26299)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26299"
},
{
"name": "http://www.howtoforge.com/forums/showthread.php?t=4123",
"refsource": "MISC",
"url": "http://www.howtoforge.com/forums/showthread.php?t=4123"
},
{
"name": "19994",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19994"
},
{
"name": "http://www.xorcrew.net/xpa/XPA-ISPConfig.txt",
"refsource": "MISC",
"url": "http://www.xorcrew.net/xpa/XPA-ISPConfig.txt"
},
{
"name": "20060507 [XPA] - ISPConfig \u003c= 2.2.2 - Remote Command Execution Vulnerability",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/045855.html"
},
{
"name": "20060616 Re: [Bugtraq ID: 17909] ISPConfig Session.INC.PHP Remote File Include Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437456/100/200/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2315",
"datePublished": "2006-05-12T00:00:00",
"dateReserved": "2006-05-11T00:00:00",
"dateUpdated": "2024-08-07T17:43:29.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17384 (GCVE-0-2017-17384)
Vulnerability from cvelistv5
Published
2017-12-07 08:00
Modified
2024-08-05 20:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ISPConfig 3.x before 3.1.9 allows remote authenticated users to obtain root access by creating a crafted cron job.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ispconfig.org/blog/ispconfig-3-1-9-released-important-security-update/ | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:31.028Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ispconfig.org/blog/ispconfig-3-1-9-released-important-security-update/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-12-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ISPConfig 3.x before 3.1.9 allows remote authenticated users to obtain root access by creating a crafted cron job."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-07T07:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ispconfig.org/blog/ispconfig-3-1-9-released-important-security-update/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-17384",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ISPConfig 3.x before 3.1.9 allows remote authenticated users to obtain root access by creating a crafted cron job."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ispconfig.org/blog/ispconfig-3-1-9-released-important-security-update/",
"refsource": "CONFIRM",
"url": "https://www.ispconfig.org/blog/ispconfig-3-1-9-released-important-security-update/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-17384",
"datePublished": "2017-12-07T08:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:51:31.028Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3021 (GCVE-0-2021-3021)
Vulnerability from cvelistv5
Published
2021-01-05 15:47
Modified
2024-08-03 16:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ISPConfig before 3.2.2 allows SQL injection.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ispconfig.org/blog/ispconfig-3-2-2-released-important-security-update/ | x_refsource_MISC | |
| https://twitter.com/ispconfig/status/1346142615511724032 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:45:50.980Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ispconfig.org/blog/ispconfig-3-2-2-released-important-security-update/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://twitter.com/ispconfig/status/1346142615511724032"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ISPConfig before 3.2.2 allows SQL injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-05T15:47:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ispconfig.org/blog/ispconfig-3-2-2-released-important-security-update/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://twitter.com/ispconfig/status/1346142615511724032"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-3021",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ISPConfig before 3.2.2 allows SQL injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ispconfig.org/blog/ispconfig-3-2-2-released-important-security-update/",
"refsource": "MISC",
"url": "https://www.ispconfig.org/blog/ispconfig-3-2-2-released-important-security-update/"
},
{
"name": "https://twitter.com/ispconfig/status/1346142615511724032",
"refsource": "MISC",
"url": "https://twitter.com/ispconfig/status/1346142615511724032"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-3021",
"datePublished": "2021-01-05T15:47:02",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T16:45:50.980Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-2087 (GCVE-0-2012-2087)
Vulnerability from cvelistv5
Published
2020-01-23 13:57
Modified
2024-08-06 19:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- authentication error
Summary
ISPConfig 3.0.4.3: the "Add new Webdav user" can chmod and chown entire server from client interface.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2012/04/08/3 | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/74739 | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2012/04/09/4 | x_refsource_MISC | |
| https://www.securityfocus.com/bid/52936 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:17:27.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/04/08/3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74739"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/04/09/4"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/52936"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ISPConfig",
"vendor": "ISPConfig",
"versions": [
{
"status": "affected",
"version": "3.0.4.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ISPConfig 3.0.4.3: the \"Add new Webdav user\" can chmod and chown entire server from client interface."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "authentication error",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-23T13:57:46",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/04/08/3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74739"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2012/04/09/4"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/52936"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2087",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ISPConfig",
"version": {
"version_data": [
{
"version_value": "3.0.4.3"
}
]
}
}
]
},
"vendor_name": "ISPConfig"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ISPConfig 3.0.4.3: the \"Add new Webdav user\" can chmod and chown entire server from client interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "authentication error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.openwall.com/lists/oss-security/2012/04/08/3",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2012/04/08/3"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74739",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74739"
},
{
"name": "http://www.openwall.com/lists/oss-security/2012/04/09/4",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2012/04/09/4"
},
{
"name": "https://www.securityfocus.com/bid/52936",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/52936"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-2087",
"datePublished": "2020-01-23T13:57:47",
"dateReserved": "2012-04-04T00:00:00",
"dateUpdated": "2024-08-06T19:17:27.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-17984 (GCVE-0-2018-17984)
Vulnerability from cvelistv5
Published
2018-10-04 23:00
Modified
2024-08-05 11:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An unanchored /[a-z]{2}/ regular expression in ISPConfig before 3.1.13 makes it possible to include arbitrary files, leading to code execution. This is exploitable by authenticated users who have local filesystem access.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:01:14.833Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ispconfig.org/blog/ispconfig-3-1-13-released-important-security-bugfix/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://0x09al.github.io/security/ispconfig/exploit/vulnerability/2018/08/20/bug-or-backdoor-ispconfig-rce.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/0x09AL/0x09al.github.io/blob/master/_posts/2018-08-20-bug-or-backdoor-ispconfig-rce.markdown"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-10-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An unanchored /[a-z]{2}/ regular expression in ISPConfig before 3.1.13 makes it possible to include arbitrary files, leading to code execution. This is exploitable by authenticated users who have local filesystem access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-04T23:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ispconfig.org/blog/ispconfig-3-1-13-released-important-security-bugfix/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://0x09al.github.io/security/ispconfig/exploit/vulnerability/2018/08/20/bug-or-backdoor-ispconfig-rce.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/0x09AL/0x09al.github.io/blob/master/_posts/2018-08-20-bug-or-backdoor-ispconfig-rce.markdown"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-17984",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unanchored /[a-z]{2}/ regular expression in ISPConfig before 3.1.13 makes it possible to include arbitrary files, leading to code execution. This is exploitable by authenticated users who have local filesystem access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ispconfig.org/blog/ispconfig-3-1-13-released-important-security-bugfix/",
"refsource": "MISC",
"url": "https://www.ispconfig.org/blog/ispconfig-3-1-13-released-important-security-bugfix/"
},
{
"name": "https://0x09al.github.io/security/ispconfig/exploit/vulnerability/2018/08/20/bug-or-backdoor-ispconfig-rce.html",
"refsource": "MISC",
"url": "https://0x09al.github.io/security/ispconfig/exploit/vulnerability/2018/08/20/bug-or-backdoor-ispconfig-rce.html"
},
{
"name": "https://github.com/0x09AL/0x09al.github.io/blob/master/_posts/2018-08-20-bug-or-backdoor-ispconfig-rce.markdown",
"refsource": "MISC",
"url": "https://github.com/0x09AL/0x09al.github.io/blob/master/_posts/2018-08-20-bug-or-backdoor-ispconfig-rce.markdown"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-17984",
"datePublished": "2018-10-04T23:00:00",
"dateReserved": "2018-10-04T00:00:00",
"dateUpdated": "2024-08-05T11:01:14.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9398 (GCVE-0-2020-9398)
Vulnerability from cvelistv5
Published
2020-02-25 20:23
Modified
2024-08-04 10:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ISPConfig before 3.1.15p3, when the undocumented reverse_proxy_panel_allowed=sites option is manually enabled, allows SQL Injection.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ispconfig.org/blog/ispconfig-3-1-15p3-released-security-bugfix-release/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:26:16.127Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ispconfig.org/blog/ispconfig-3-1-15p3-released-security-bugfix-release/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ISPConfig before 3.1.15p3, when the undocumented reverse_proxy_panel_allowed=sites option is manually enabled, allows SQL Injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-25T20:23:55",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ispconfig.org/blog/ispconfig-3-1-15p3-released-security-bugfix-release/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-9398",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ISPConfig before 3.1.15p3, when the undocumented reverse_proxy_panel_allowed=sites option is manually enabled, allows SQL Injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ispconfig.org/blog/ispconfig-3-1-15p3-released-security-bugfix-release/",
"refsource": "MISC",
"url": "https://www.ispconfig.org/blog/ispconfig-3-1-15p3-released-security-bugfix-release/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-9398",
"datePublished": "2020-02-25T20:23:55",
"dateReserved": "2020-02-25T00:00:00",
"dateUpdated": "2024-08-04T10:26:16.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-4119 (GCVE-0-2015-4119)
Vulnerability from cvelistv5
Published
2015-06-15 15:00
Modified
2024-08-06 06:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in ISPConfig before 3.0.5.4p7 allow remote attackers to hijack the authentication of (1) administrators for requests that create an administrator account via a request to admin/users_edit.php or (2) arbitrary users for requests that conduct SQL injection attacks via the server parameter to monitor/show_sys_state.php.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/535734/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://bugtracker.ispconfig.org/index.php?do=details&task_id=3898 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/75126 | vdb-entry, x_refsource_BID | |
| http://packetstormsecurity.com/files/132238/ISPConfig-3.0.5.4p6-SQL-Injection-Cross-Site-Request-Forgery.html | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/37259/ | exploit, x_refsource_EXPLOIT-DB | |
| https://www.htbridge.com/advisory/HTB23260 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:04:02.842Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150610 Multiple Vulnerabilities in ISPConfig",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/535734/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugtracker.ispconfig.org/index.php?do=details\u0026task_id=3898"
},
{
"name": "75126",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75126"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/132238/ISPConfig-3.0.5.4p6-SQL-Injection-Cross-Site-Request-Forgery.html"
},
{
"name": "37259",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/37259/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.htbridge.com/advisory/HTB23260"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in ISPConfig before 3.0.5.4p7 allow remote attackers to hijack the authentication of (1) administrators for requests that create an administrator account via a request to admin/users_edit.php or (2) arbitrary users for requests that conduct SQL injection attacks via the server parameter to monitor/show_sys_state.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20150610 Multiple Vulnerabilities in ISPConfig",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/535734/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugtracker.ispconfig.org/index.php?do=details\u0026task_id=3898"
},
{
"name": "75126",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75126"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/132238/ISPConfig-3.0.5.4p6-SQL-Injection-Cross-Site-Request-Forgery.html"
},
{
"name": "37259",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/37259/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.htbridge.com/advisory/HTB23260"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4119",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in ISPConfig before 3.0.5.4p7 allow remote attackers to hijack the authentication of (1) administrators for requests that create an administrator account via a request to admin/users_edit.php or (2) arbitrary users for requests that conduct SQL injection attacks via the server parameter to monitor/show_sys_state.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150610 Multiple Vulnerabilities in ISPConfig",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535734/100/0/threaded"
},
{
"name": "http://bugtracker.ispconfig.org/index.php?do=details\u0026task_id=3898",
"refsource": "CONFIRM",
"url": "http://bugtracker.ispconfig.org/index.php?do=details\u0026task_id=3898"
},
{
"name": "75126",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75126"
},
{
"name": "http://packetstormsecurity.com/files/132238/ISPConfig-3.0.5.4p6-SQL-Injection-Cross-Site-Request-Forgery.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132238/ISPConfig-3.0.5.4p6-SQL-Injection-Cross-Site-Request-Forgery.html"
},
{
"name": "37259",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37259/"
},
{
"name": "https://www.htbridge.com/advisory/HTB23260",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/HTB23260"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-4119",
"datePublished": "2015-06-15T15:00:00",
"dateReserved": "2015-05-28T00:00:00",
"dateUpdated": "2024-08-06T06:04:02.842Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3629 (GCVE-0-2013-3629)
Vulnerability from cvelistv5
Published
2020-02-07 14:25
Modified
2024-08-06 16:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- PHP Code Execution
Summary
ISPConfig 3.0.5.2 has Arbitrary PHP Code Execution
References
| ▼ | URL | Tags |
|---|---|---|
| https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats | x_refsource_MISC | |
| https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one | x_refsource_MISC | |
| http://www.securityfocus.com/bid/63455 | x_refsource_MISC | |
| http://www.exploit-db.com/exploits/29322 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:56.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/63455"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/29322"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ISPConfig",
"vendor": "ISPConfig",
"versions": [
{
"status": "affected",
"version": "3.0.5.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ISPConfig 3.0.5.2 has Arbitrary PHP Code Execution"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "PHP Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-07T14:25:36",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/63455"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.exploit-db.com/exploits/29322"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2013-3629",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ISPConfig",
"version": {
"version_data": [
{
"version_value": "3.0.5.2"
}
]
}
}
]
},
"vendor_name": "ISPConfig"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ISPConfig 3.0.5.2 has Arbitrary PHP Code Execution"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "PHP Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats",
"refsource": "MISC",
"url": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats"
},
{
"name": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one",
"refsource": "MISC",
"url": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one"
},
{
"name": "http://www.securityfocus.com/bid/63455",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/63455"
},
{
"name": "http://www.exploit-db.com/exploits/29322",
"refsource": "MISC",
"url": "http://www.exploit-db.com/exploits/29322"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2013-3629",
"datePublished": "2020-02-07T14:25:36",
"dateReserved": "2013-05-21T00:00:00",
"dateUpdated": "2024-08-06T16:14:56.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3042 (GCVE-0-2006-3042)
Vulnerability from cvelistv5
Published
2006-06-15 10:00
Modified
2024-08-07 18:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple PHP remote file inclusion vulnerabilities in ISPConfig 2.2.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) go_info[isp][classes_root] parameter in (a) server.inc.php, and the (2) go_info[server][classes_root] parameter in (b) app.inc.php, (c) login.php, and (d) trylogin.php. NOTE: this issue has been disputed by the vendor, who states that the original researcher "reviewed the installation tarball that is not identical with the resulting system after installtion. The file, where the $go_info array is declared ... is created by the installer.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.osvdb.org/27474 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/archive/1/437415/100/100/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/18441 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/437117/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://securityreason.com/securityalert/1098 | third-party-advisory, x_refsource_SREASON |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:16:04.995Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27474",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27474"
},
{
"name": "20060616 Re: [FSA016] ISPConfig 2.2.3, File inclusion vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/437415/100/100/threaded"
},
{
"name": "18441",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18441"
},
{
"name": "20060614 [FSA016] ISPConfig 2.2.3, File inclusion vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/437117/100/0/threaded"
},
{
"name": "1098",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple PHP remote file inclusion vulnerabilities in ISPConfig 2.2.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) go_info[isp][classes_root] parameter in (a) server.inc.php, and the (2) go_info[server][classes_root] parameter in (b) app.inc.php, (c) login.php, and (d) trylogin.php. NOTE: this issue has been disputed by the vendor, who states that the original researcher \"reviewed the installation tarball that is not identical with the resulting system after installtion. The file, where the $go_info array is declared ... is created by the installer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27474",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27474"
},
{
"name": "20060616 Re: [FSA016] ISPConfig 2.2.3, File inclusion vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/437415/100/100/threaded"
},
{
"name": "18441",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18441"
},
{
"name": "20060614 [FSA016] ISPConfig 2.2.3, File inclusion vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/437117/100/0/threaded"
},
{
"name": "1098",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1098"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3042",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in ISPConfig 2.2.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) go_info[isp][classes_root] parameter in (a) server.inc.php, and the (2) go_info[server][classes_root] parameter in (b) app.inc.php, (c) login.php, and (d) trylogin.php. NOTE: this issue has been disputed by the vendor, who states that the original researcher \"reviewed the installation tarball that is not identical with the resulting system after installtion. The file, where the $go_info array is declared ... is created by the installer.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27474",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27474"
},
{
"name": "20060616 Re: [FSA016] ISPConfig 2.2.3, File inclusion vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437415/100/100/threaded"
},
{
"name": "18441",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18441"
},
{
"name": "20060614 [FSA016] ISPConfig 2.2.3, File inclusion vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437117/100/0/threaded"
},
{
"name": "1098",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3042",
"datePublished": "2006-06-15T10:00:00",
"dateReserved": "2006-06-15T00:00:00",
"dateUpdated": "2024-08-07T18:16:04.995Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2021-01-05 16:15
Modified
2024-11-21 06:20
Severity ?
Summary
ISPConfig before 3.2.2 allows SQL injection.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://twitter.com/ispconfig/status/1346142615511724032 | Third Party Advisory | |
| cve@mitre.org | https://www.ispconfig.org/blog/ispconfig-3-2-2-released-important-security-update/ | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://twitter.com/ispconfig/status/1346142615511724032 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ispconfig.org/blog/ispconfig-3-2-2-released-important-security-update/ | Release Notes, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0CC8A8-F76A-421F-B964-1A70D60B826D",
"versionEndExcluding": "3.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ISPConfig before 3.2.2 allows SQL injection."
},
{
"lang": "es",
"value": "ISPConfig versiones anteriores a 3.2.2, permite una inyecci\u00f3n de SQL"
}
],
"id": "CVE-2021-3021",
"lastModified": "2024-11-21T06:20:46.230",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-05T16:15:15.937",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://twitter.com/ispconfig/status/1346142615511724032"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.ispconfig.org/blog/ispconfig-3-2-2-released-important-security-update/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://twitter.com/ispconfig/status/1346142615511724032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.ispconfig.org/blog/ispconfig-3-2-2-released-important-security-update/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-12-07 08:29
Modified
2025-04-20 01:37
Severity ?
Summary
ISPConfig 3.x before 3.1.9 allows remote authenticated users to obtain root access by creating a crafted cron job.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.ispconfig.org/blog/ispconfig-3-1-9-released-important-security-update/ | Issue Tracking, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ispconfig.org/blog/ispconfig-3-1-9-released-important-security-update/ | Issue Tracking, Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB25A272-8550-4177-AF5B-8243C209C9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "654B0006-9E49-49C7-BA08-FED043C919F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CF1F2D5F-0D31-428F-89C9-5665DEA6E7D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.2.2:b1:*:*:*:*:*:*",
"matchCriteriaId": "DE3B442C-458B-43AB-ADC1-695C6746CB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0E1A2-66F5-4F49-9676-D27968E0C826",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.3:b1:*:*:*:*:*:*",
"matchCriteriaId": "D82F151B-56E7-4E53-97AD-67AB6F82678D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "3BE133D3-E31D-4D86-9927-DF9D388610CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0578B899-4214-4C50-AB54-E2E46E8C3B7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.3.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "9F975883-EADD-46BE-9F3C-F5173600C4E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.3.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "BDD1EA7C-0F97-4D22-91B8-913C7CE23BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0CADD4B-CFD2-4B18-9203-4839B14B5BDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.3.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1220B372-EB56-46F7-A424-8E03610DD69C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E508104E-6611-42CF-866C-C7501B8DAC6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.3.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7AD721C0-B264-41B3-8525-7C1E19434267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36B30E68-F7F3-4739-978C-04403942B6D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.4:b1:*:*:*:*:*:*",
"matchCriteriaId": "592ECA84-36B6-4DA3-A203-1ABDC6A92FF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B60D6A69-5C58-4CCC-B9B7-D14956897383",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.4.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F1A7EA07-E26C-4245-9870-107595A00568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.4.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "57A57710-0BDF-4AC1-9573-39ADDC5099B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D44566CD-5451-4398-9303-2A5D5D7EED44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FF5B2C25-A23E-45E0-BE5F-A98A887723C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0C59EBF7-774A-4A65-B809-CC2032D102F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.4.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4553523A-16EE-435D-9C1F-654D26295604",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CB98EF2E-2D54-41CA-8CCF-4A96D27FAC26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.5:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "CE83DD0B-0C6A-4B24-AAE3-7F318FBC5A15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.5:b1:*:*:*:*:*:*",
"matchCriteriaId": "A269AD48-3078-4D71-B636-7DA6BE707B03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7F265805-54AE-41C2-ACC0-853B4D11C1A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.5:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A95965C7-11BA-4691-8DCD-5D1D26157240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7C1F4F7-B594-453E-863B-2F4A50FFEF90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B8055A41-F81A-4E94-9D5C-F14B67B4DE7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2E01827-D853-4EF6-B624-5238028003E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CE14FBE1-A644-432B-BD3D-F8A09A497CBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.5.4:b1:*:*:*:*:*:*",
"matchCriteriaId": "27AA0130-E143-4D11-939E-705E0C175A3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.5.4:p1:*:*:*:*:*:*",
"matchCriteriaId": "FB17B921-DFBA-4735-B3AB-96B704EAC92C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.5.4:p2:*:*:*:*:*:*",
"matchCriteriaId": "CE557601-14F3-42DD-8487-50902F4686B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.5.4:p3:*:*:*:*:*:*",
"matchCriteriaId": "AD681B66-C8EB-4304-9B02-310A5693E348",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.5.4:p4:*:*:*:*:*:*",
"matchCriteriaId": "88192600-7EA6-4E1B-A7D9-A132753FAC70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.5.4:p5:*:*:*:*:*:*",
"matchCriteriaId": "CCE1C7E3-4771-4E8D-AB2F-DC40D98FAD8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.5.4:p6:*:*:*:*:*:*",
"matchCriteriaId": "163D851E-E31E-4E7E-96EB-AAFA482F8E4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.5.4:p7:*:*:*:*:*:*",
"matchCriteriaId": "3CC97E41-8DF3-467A-BBFC-C5887B1A5B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.5.4:p8:*:*:*:*:*:*",
"matchCriteriaId": "EE933601-92FE-40CD-8E09-4871AB874CC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.5.4:p9:*:*:*:*:*:*",
"matchCriteriaId": "2F6DDEA2-AF2B-436C-B33B-30F3F987BDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.5.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "EBDCA26A-2072-45BD-874C-8EBC3C2B0899",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.5.4:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E0342434-F3F8-4FF9-9734-0190E050A834",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F328ACFE-3AD0-4E72-8F0E-66035A815C60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A82B95BC-8335-4D62-9519-7AAECE87761F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.1.1:p1:*:*:*:*:*:*",
"matchCriteriaId": "27F7C0BA-A455-4B86-AFEC-BEDD539B628A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "029CB7C5-1E3D-4827-BD13-D868097653AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3BF948-DE6F-4D62-92EE-8AB37460D82F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D49EE881-A769-4F56-8B74-1C8644FD1CCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "69199AD0-CD4B-4537-B230-7BD4B325B08B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "298E737E-F605-42F9-B126-4D722336A6FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "15940226-5EFF-4799-8CF6-6488BB359FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.1.7:p1:*:*:*:*:*:*",
"matchCriteriaId": "55213C96-60DD-418A-B148-D8D8132C4143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B485EAF7-439C-413E-8FB4-5EDA155C5E77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.1.8:p1:*:*:*:*:*:*",
"matchCriteriaId": "72CBEF4C-67F6-47D7-A774-7F38D1BF650E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ISPConfig 3.x before 3.1.9 allows remote authenticated users to obtain root access by creating a crafted cron job."
},
{
"lang": "es",
"value": "Las versiones 3.x de ISPConfig anteriores a la 3.1.9 permiten que usuarios remotos autenticados obtengan acceso root mediante la creaci\u00f3n de un trabajo cron manipulado."
}
],
"id": "CVE-2017-17384",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-12-07T08:29:00.223",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://www.ispconfig.org/blog/ispconfig-3-1-9-released-important-security-update/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://www.ispconfig.org/blog/ispconfig-3-1-9-released-important-security-update/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-10-04 23:29
Modified
2024-11-21 03:55
Severity ?
Summary
An unanchored /[a-z]{2}/ regular expression in ISPConfig before 3.1.13 makes it possible to include arbitrary files, leading to code execution. This is exploitable by authenticated users who have local filesystem access.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D6465EF-7F37-44A6-A464-DA8DB2438566",
"versionEndExcluding": "3.1.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unanchored /[a-z]{2}/ regular expression in ISPConfig before 3.1.13 makes it possible to include arbitrary files, leading to code execution. This is exploitable by authenticated users who have local filesystem access."
},
{
"lang": "es",
"value": "Una expresi\u00f3n regular /[a-z]{2}/ no anclada en ISPConfig en versiones anteriores a la 3.1.13 hace posible incluir archivos arbitrarios, conduciendo a una ejecuci\u00f3n de c\u00f3digo. Esto es explotable por usuarios autentificados que tienen acceso al sistema de archivos local."
}
],
"id": "CVE-2018-17984",
"lastModified": "2024-11-21T03:55:19.780",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-10-04T23:29:00.570",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://0x09al.github.io/security/ispconfig/exploit/vulnerability/2018/08/20/bug-or-backdoor-ispconfig-rce.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/0x09AL/0x09al.github.io/blob/master/_posts/2018-08-20-bug-or-backdoor-ispconfig-rce.markdown"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ispconfig.org/blog/ispconfig-3-1-13-released-important-security-bugfix/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://0x09al.github.io/security/ispconfig/exploit/vulnerability/2018/08/20/bug-or-backdoor-ispconfig-rce.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/0x09AL/0x09al.github.io/blob/master/_posts/2018-08-20-bug-or-backdoor-ispconfig-rce.markdown"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ispconfig.org/blog/ispconfig-3-1-13-released-important-security-bugfix/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-185"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-10-27 04:15
Modified
2024-11-21 08:29
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the language file editor by an admin if admin_allow_langedit is enabled.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2ED70CC8-81CD-4EDD-AC85-19FABB71CB9E",
"versionEndExcluding": "3.2.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.2.11:-:*:*:*:*:*:*",
"matchCriteriaId": "FD518188-907A-48CB-ADE9-F7AB664AA515",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the language file editor by an admin if admin_allow_langedit is enabled."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en ISPConfig antes de 3.2.11p1. Un administrador puede lograr la inyecci\u00f3n de c\u00f3digo PHP en el editor de archivos de idioma si admin_allow_langedit est\u00e1 habilitado."
}
],
"id": "CVE-2023-46818",
"lastModified": "2024-11-21T08:29:22.380",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-10-27T04:15:10.907",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/176126/ISPConfig-3.2.11-PHP-Code-Injection.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2023/Dec/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://www.ispconfig.org/blog/ispconfig-3-2-11p1-released/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/176126/ISPConfig-3.2.11-PHP-Code-Injection.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2023/Dec/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://www.ispconfig.org/blog/ispconfig-3-2-11p1-released/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-06-15 10:02
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple PHP remote file inclusion vulnerabilities in ISPConfig 2.2.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) go_info[isp][classes_root] parameter in (a) server.inc.php, and the (2) go_info[server][classes_root] parameter in (b) app.inc.php, (c) login.php, and (d) trylogin.php. NOTE: this issue has been disputed by the vendor, who states that the original researcher "reviewed the installation tarball that is not identical with the resulting system after installtion. The file, where the $go_info array is declared ... is created by the installer.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "527BD26D-5EA0-4BE7-8443-5F519F8C86EB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple PHP remote file inclusion vulnerabilities in ISPConfig 2.2.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) go_info[isp][classes_root] parameter in (a) server.inc.php, and the (2) go_info[server][classes_root] parameter in (b) app.inc.php, (c) login.php, and (d) trylogin.php. NOTE: this issue has been disputed by the vendor, who states that the original researcher \"reviewed the installation tarball that is not identical with the resulting system after installtion. The file, where the $go_info array is declared ... is created by the installer."
}
],
"id": "CVE-2006-3042",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-06-15T10:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/1098"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/27474"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/437117/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/437415/100/100/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/18441"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/1098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/27474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/437117/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/437415/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/18441"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-23 15:15
Modified
2024-11-21 01:38
Severity ?
Summary
ISPConfig 3.0.4.3: the "Add new Webdav user" can chmod and chown entire server from client interface.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/04/08/3 | Exploit, Mailing List, Third Party Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/04/09/4 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/74739 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://www.securityfocus.com/bid/52936 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/04/08/3 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/04/09/4 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/74739 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.securityfocus.com/bid/52936 | Third Party Advisory, VDB Entry |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FF5B2C25-A23E-45E0-BE5F-A98A887723C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ISPConfig 3.0.4.3: the \"Add new Webdav user\" can chmod and chown entire server from client interface."
},
{
"lang": "es",
"value": "ISPConfig versi\u00f3n 3.0.4.3: el \"Add new Webdav user\" puede cambiar el modo y cambiar el propietario en todo el servidor desde la interfaz del cliente."
}
],
"id": "CVE-2012-2087",
"lastModified": "2024-11-21T01:38:27.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-23T15:15:11.863",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2012/04/08/3"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2012/04/09/4"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74739"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/52936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2012/04/08/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2012/04/09/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/52936"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-25 21:15
Modified
2024-11-21 05:40
Severity ?
Summary
ISPConfig before 3.1.15p3, when the undocumented reverse_proxy_panel_allowed=sites option is manually enabled, allows SQL Injection.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4ACE526A-CC11-4678-B28C-FE663A9F9C92",
"versionEndExcluding": "3.1.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.1.15:-:*:*:*:*:*:*",
"matchCriteriaId": "8ED92D4D-85D9-45CF-B227-5B7D9C761047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.1.15:p1:*:*:*:*:*:*",
"matchCriteriaId": "01398B46-98EC-49B7-95E2-A712B08A6165",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.1.15:p2:*:*:*:*:*:*",
"matchCriteriaId": "D45FCB7A-3E5F-4DE1-8BCA-48E68BB88B01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ISPConfig before 3.1.15p3, when the undocumented reverse_proxy_panel_allowed=sites option is manually enabled, allows SQL Injection."
},
{
"lang": "es",
"value": "ISPConfig versiones anteriores a 3.1.15p3, cuando la opci\u00f3n reverse_proxy_panel_allowed=sites no documentada es habilitada manualmente, permite una inyecci\u00f3n SQL."
}
],
"id": "CVE-2020-9398",
"lastModified": "2024-11-21T05:40:33.667",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-25T21:15:11.107",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ispconfig.org/blog/ispconfig-3-1-15p3-released-security-bugfix-release/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ispconfig.org/blog/ispconfig-3-1-15p3-released-security-bugfix-release/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-05-12 00:02
Modified
2025-04-03 01:03
Severity ?
Summary
PHP remote file inclusion vulnerability in session.inc.php in ISPConfig 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the go_info[server][classes_root] parameter. NOTE: the vendor has disputed this vulnerability, saying that session.inc.php is not under the web root in version 2.2, and register_globals is not enabled
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:*:*:*:*:*:*:*:*",
"matchCriteriaId": "696CEEE2-E385-4354-A1CB-1B3F2EEF5847",
"versionEndIncluding": "2.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in session.inc.php in ISPConfig 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the go_info[server][classes_root] parameter. NOTE: the vendor has disputed this vulnerability, saying that session.inc.php is not under the web root in version 2.2, and register_globals is not enabled"
}
],
"id": "CVE-2006-2315",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-05-12T00:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/045855.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19994"
},
{
"source": "cve@mitre.org",
"url": "http://www.howtoforge.com/forums/showthread.php?t=4123"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/25355"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/437456/100/200/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/17909"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/1727"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.xorcrew.net/xpa/XPA-ISPConfig.txt"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26299"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/1762"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/045855.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19994"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.howtoforge.com/forums/showthread.php?t=4123"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/25355"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/437456/100/200/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/17909"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/1727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.xorcrew.net/xpa/XPA-ISPConfig.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/1762"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-15 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
SQL injection vulnerability in monitor/show_sys_state.php in ISPConfig before 3.0.5.4p7 allows remote authenticated users with monitor permissions to execute arbitrary SQL commands via the server parameter. NOTE: this can be leveraged by remote attackers using CVE-2015-4119.2.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:*:p6:*:*:*:*:*:*",
"matchCriteriaId": "8AD43722-09E0-45C5-8AEA-17D9510DCF34",
"versionEndIncluding": "3.0.5.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in monitor/show_sys_state.php in ISPConfig before 3.0.5.4p7 allows remote authenticated users with monitor permissions to execute arbitrary SQL commands via the server parameter. NOTE: this can be leveraged by remote attackers using CVE-2015-4119.2."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en monitor/show_sys_state.php en ISPConfig anterior a 3.0.5.4p7 permite a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro server. NOTA: esto puede ser aprovechado por atacantes remotos que utilizan el CVE-2015-4119.2."
}
],
"id": "CVE-2015-4118",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-15T15:59:02.803",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugtracker.ispconfig.org/index.php?do=details\u0026task_id=3898"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/132238/ISPConfig-3.0.5.4p6-SQL-Injection-Cross-Site-Request-Forgery.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/535734/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75126"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.exploit-db.com/exploits/37259/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.htbridge.com/advisory/HTB23260"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugtracker.ispconfig.org/index.php?do=details\u0026task_id=3898"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/132238/ISPConfig-3.0.5.4p6-SQL-Injection-Cross-Site-Request-Forgery.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/535734/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75126"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.exploit-db.com/exploits/37259/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.htbridge.com/advisory/HTB23260"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-07 15:15
Modified
2024-11-21 01:54
Severity ?
Summary
ISPConfig 3.0.5.2 has Arbitrary PHP Code Execution
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cret@cert.org | http://www.exploit-db.com/exploits/29322 | Exploit, Third Party Advisory, VDB Entry | |
| cret@cert.org | http://www.securityfocus.com/bid/63455 | Third Party Advisory, VDB Entry | |
| cret@cert.org | https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one | Third Party Advisory | |
| cret@cert.org | https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.exploit-db.com/exploits/29322 | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/63455 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats | Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:3.0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B8055A41-F81A-4E94-9D5C-F14B67B4DE7A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ISPConfig 3.0.5.2 has Arbitrary PHP Code Execution"
},
{
"lang": "es",
"value": "ISPConfig versi\u00f3n 3.0.5.2, presenta una Ejecuci\u00f3n de C\u00f3digo PHP Arbitraria."
}
],
"id": "CVE-2013-3629",
"lastModified": "2024-11-21T01:54:01.043",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-07T15:15:10.587",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/29322"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/63455"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one"
},
{
"source": "cret@cert.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/29322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/63455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-15 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in ISPConfig before 3.0.5.4p7 allow remote attackers to hijack the authentication of (1) administrators for requests that create an administrator account via a request to admin/users_edit.php or (2) arbitrary users for requests that conduct SQL injection attacks via the server parameter to monitor/show_sys_state.php.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ispconfig:ispconfig:*:p6:*:*:*:*:*:*",
"matchCriteriaId": "8AD43722-09E0-45C5-8AEA-17D9510DCF34",
"versionEndIncluding": "3.0.5.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in ISPConfig before 3.0.5.4p7 allow remote attackers to hijack the authentication of (1) administrators for requests that create an administrator account via a request to admin/users_edit.php or (2) arbitrary users for requests that conduct SQL injection attacks via the server parameter to monitor/show_sys_state.php."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de CSRF en ISPConfig anterior a 3.0.5.4p7 permiten a atacantes remotos secuestrar la autenticaci\u00f3n de (1) administradores para solicitudes que crean una cuenta de administrador a trav\u00e9s de una solicitud a admin/users_edit.php o (2) usuarios arbitrarios para solicitudes que realizan ataques de inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro server en monitor/show_sys_state.php."
}
],
"id": "CVE-2015-4119",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-06-15T15:59:04.477",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugtracker.ispconfig.org/index.php?do=details\u0026task_id=3898"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/132238/ISPConfig-3.0.5.4p6-SQL-Injection-Cross-Site-Request-Forgery.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/535734/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75126"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.exploit-db.com/exploits/37259/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.htbridge.com/advisory/HTB23260"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugtracker.ispconfig.org/index.php?do=details\u0026task_id=3898"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/132238/ISPConfig-3.0.5.4p6-SQL-Injection-Cross-Site-Request-Forgery.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/535734/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75126"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.exploit-db.com/exploits/37259/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.htbridge.com/advisory/HTB23260"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}