Vulnerabilities > CVE-2013-2097 - Unspecified vulnerability in Zpanel Project Zpanel 10.1.0

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
zpanel-project
exploit available

Summary

ZPanel through 10.1.0 has Remote Command Execution

Vulnerable Configurations

Part Description Count
Application
Zpanel_Project
1

Exploit-Db

  • descriptionZPanel templateparser.class.php - Crafted Template Remote Command Execution. CVE-2013-2097. Webapps exploit for php platform
    idEDB-ID:25519
    last seen2016-02-03
    modified2013-04-16
    published2013-04-16
    reporterSven Slootweg
    sourcehttps://www.exploit-db.com/download/25519/
    titleZPanel templateparser.class.php - Crafted Template Remote Command Execution
  • descriptionZpanel Remote Unauthenticated RCE. CVE-2013-2097. Remote exploit for php platform
    idEDB-ID:38505
    last seen2016-02-04
    modified2015-10-21
    published2015-10-21
    reportermetasploit
    sourcehttps://www.exploit-db.com/download/38505/
    titleZpanel Remote Unauthenticated RCE

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/134030/zpanel_information_disclosure_rce.rb.txt
idPACKETSTORM:134030
last seen2016-12-05
published2015-10-20
reporterJames Fitts
sourcehttps://packetstormsecurity.com/files/134030/Zpanel-10.1.0-Remote-Unauthenticated-Code-Execution.html
titleZpanel 10.1.0 Remote Unauthenticated Code Execution