Описание
ZPanel 2.0 and 2.5 beta 10 does not remove or protect installation scripts after they have been used, which allows remote attackers to reinstall the software and possibly cause a denial of service via a direct request to install.php.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:zpanel:zpanel:2.0:*:*:*:*:*:*:*
cpe:2.3:a:zpanel:zpanel:2.5_beta10:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00741
Низкий
6.4 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
ZPanel 2.0 and 2.5 beta 10 does not remove or protect installation scripts after they have been used, which allows remote attackers to reinstall the software and possibly cause a denial of service via a direct request to install.php.
EPSS
Процентиль: 72%
0.00741
Низкий
6.4 Medium
CVSS2
Дефекты
NVD-CWE-Other