Ehcp
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-6619 | Hig | 0.51 | 7.8 | 0.00 | May 11, 2018 | Easy Hosting Control Panel (EHCP) v0.37.12.b makes it easier for attackers to crack database passwords by leveraging use of a weak hashing algorithm without a salt. | ||
| CVE-2018-6618 | Hig | 0.51 | 7.8 | 0.00 | May 11, 2018 | Easy Hosting Control Panel (EHCP) v0.37.12.b allows attackers to obtain sensitive information by leveraging cleartext password storage. | ||
| CVE-2018-6617 | Hig | 0.51 | 7.8 | 0.00 | May 11, 2018 | Easy Hosting Control Panel (EHCP) v0.37.12.b, when using a local MySQL server, allows attackers to change passwords of arbitrary database users by leveraging failure to ask for the current password. | ||
| CVE-2018-6361 | Med | 0.43 | 6.1 | 0.40 | May 11, 2018 | Easy Hosting Control Panel (EHCP) v0.37.12.b has XSS via the op parameter, as demonstrated by adding a backdoor FTP account. |
- risk 0.51cvss 7.8epss 0.00
Easy Hosting Control Panel (EHCP) v0.37.12.b makes it easier for attackers to crack database passwords by leveraging use of a weak hashing algorithm without a salt.
- risk 0.51cvss 7.8epss 0.00
Easy Hosting Control Panel (EHCP) v0.37.12.b allows attackers to obtain sensitive information by leveraging cleartext password storage.
- risk 0.51cvss 7.8epss 0.00
Easy Hosting Control Panel (EHCP) v0.37.12.b, when using a local MySQL server, allows attackers to change passwords of arbitrary database users by leveraging failure to ask for the current password.
- risk 0.43cvss 6.1epss 0.40
Easy Hosting Control Panel (EHCP) v0.37.12.b has XSS via the op parameter, as demonstrated by adding a backdoor FTP account.