Vendor

Hashtopolis

Products

CVEs

Across products

Status

Private

Products

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2017-11681	Hashtopus Project Hashtopus	Hig	0.57	8.8	0.01		Jul 27, 2017	Incorrect Access Control vulnerability in Hashtopussy 0.4.0 allows remote authenticated users to execute actions that should only be available for administrative roles, as demonstrated by an action=createVoucher request to agents.php.
CVE-2017-11682	Hashtopus Project Hashtopus	Med	0.40	6.1	0.01		Jul 27, 2017	Stored Cross-site scripting vulnerability in Hashtopussy 0.4.0 allows remote attackers to inject arbitrary web script or HTML via the (1) version, (2) url, or (3) rootdir parameter in hashcat.php.

CVE-2017-11681HigJul 27, 2017
Hashtopus Project
Hashtopus
risk 0.57cvss 8.8epss 0.01
Incorrect Access Control vulnerability in Hashtopussy 0.4.0 allows remote authenticated users to execute actions that should only be available for administrative roles, as demonstrated by an action=createVoucher request to agents.php.
CVE-2017-11682MedJul 27, 2017
Hashtopus Project
Hashtopus
risk 0.40cvss 6.1epss 0.01
Stored Cross-site scripting vulnerability in Hashtopussy 0.4.0 allows remote attackers to inject arbitrary web script or HTML via the (1) version, (2) url, or (3) rootdir parameter in hashcat.php.