Vulnerabilities (CVE)

Vendor filter

Ajenti Subscribe

Filter

8 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-18548 1 Ajenti 1 Ajenticp 2018-12-06 4.3
ajenticp (aka Ajenti Docker control panel) for Ajenti through v1.2.23.13 has XSS via a filename that is mishandled in File Manager.
CVE-2018-1000126 1 Ajenti 1 Ajenti 2018-04-11 5.0
Ajenti version 2 contains an Information Disclosure vulnerability in Line 176 of the code source that can result in user and system enumeration as well as data from the /etc/ajenti/config.yml file. This attack appears to be exploitable via...
CVE-2018-1000080 1 Ajenti 1 Ajenti 2018-04-06 4.0
Ajenti version version 2 contains a Insecure Permissions vulnerability in Plugins download that can result in The download of any plugins as being a normal user. This attack appear to be exploitable via By knowing how the requisition is made, and...
CVE-2018-1000083 1 Ajenti 1 Ajenti 2018-04-06 5.0
Ajenti version version 2 contains a Improper Error Handling vulnerability in Login JSON request that can result in The requisition leaks a path of the server. This attack appear to be exploitable via By sending a malformed JSON, the tool responds...
CVE-2018-1000081 1 Ajenti 1 Ajenti 2018-04-06 5.0
Ajenti version version 2 contains a Input Validation vulnerability in ID string on Get-values POST request that can result in Server Crashing. This attack appear to be exploitable via An attacker can freeze te server by sending a giant string to...
CVE-2018-1000082 1 Ajenti 1 Ajenti 2018-04-06 6.8
Ajenti version version 2 contains a Cross ite Request Forgery (CSRF) vulnerability in the command execution panel of the tool used to manage the server. that can result in Code execution on the server . This attack appear to be exploitable via...
CVE-2014-4301 1 Ajenti 1 Ajenti 2016-09-06 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the respond_error function in routing.py in Eugene Pankov Ajenti before 1.2.21.7 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) resources.js or (2)...
CVE-2014-2260 1 Ajenti 1 Ajenti 2014-05-01 3.5
Cross-site scripting (XSS) vulnerability in plugins/main/content/js/ajenti.coffee in Eugene Pankov Ajenti 1.2.13 allows remote authenticated users to inject arbitrary web script or HTML via the command field in the Cron functionality.