Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
VestaCP 0.9.8-26 - 'LoginAs' Insufficient Session Validation
Vulnerability Description
VestaCP 0.9.8-26 contains a session token vulnerability in the LoginAs module that allows remote attackers to manipulate authentication tokens. Attackers can exploit insufficient token validation to access user accounts and perform unauthorized login requests without proper administrative permissions.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
授权机制不正确
Vulnerability Title
Vesta Control Panel(VestaCP) 安全漏洞
Vulnerability Description
Vesta Control Panel(VestaCP)是Vesta Control Panel公司的一个开源的虚拟主机控制面板。 Vesta Control Panel(VestaCP) 0.9.8-26版本存在安全漏洞,该漏洞源于令牌验证不足,可能导致未授权访问用户账户。
CVSS Information
N/A
Vulnerability Type
N/A