Skip to main content

Hostmaster

3 CVEs product

Monthly

CVE-2015-5501 HIGH This Week

The Hostmaster (Aegir) module 6.x-2.x before 6.x-2.4 and 7.x-3.x before 7.x-3.0-beta2 for Drupal allows remote attackers to execute arbitrary PHP code via a crafted file in the directory used to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE PHP Apache Hostmaster
NVD
CVSS 2.0
7.5
EPSS
0.7%
CVE-2012-2708 LOW POC PATCH Monitor

Cross-site scripting (XSS) vulnerability in the _hosting_task_log_table function in modules/hosting/task/hosting_task.module in the Hostmaster (Aegir) module 6.x-1.x before 6.x-1.9 for Drupal allows. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. Public exploit code available.

XSS Hostmaster
NVD
CVSS 2.0
2.1
EPSS
0.3%
CVE-2012-2707 MEDIUM POC PATCH This Month

The Hostmaster (Aegir) module 6.x-1.x before 6.x-1.9 for Drupal does not properly exit when users do not have access to package/task nodes, which allows remote attackers to bypass intended access. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. Public exploit code available.

Privilege Escalation Hostmaster
NVD
CVSS 2.0
5.8
EPSS
1.1%
EPSS 1% CVSS 7.5
HIGH This Week

The Hostmaster (Aegir) module 6.x-2.x before 6.x-2.4 and 7.x-3.x before 7.x-3.0-beta2 for Drupal allows remote attackers to execute arbitrary PHP code via a crafted file in the directory used to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE PHP Apache +1
NVD
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

Cross-site scripting (XSS) vulnerability in the _hosting_task_log_table function in modules/hosting/task/hosting_task.module in the Hostmaster (Aegir) module 6.x-1.x before 6.x-1.9 for Drupal allows. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. Public exploit code available.

XSS Hostmaster
NVD
EPSS 1% CVSS 5.8
MEDIUM POC PATCH This Month

The Hostmaster (Aegir) module 6.x-1.x before 6.x-1.9 for Drupal does not properly exit when users do not have access to package/task nodes, which allows remote attackers to bypass intended access. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. Public exploit code available.

Privilege Escalation Hostmaster
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy