Vulnerabilities > CVE-2013-2097 - Unspecified vulnerability in Zpanel Project Zpanel 10.1.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
ZPanel through 10.1.0 has Remote Command Execution
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description ZPanel templateparser.class.php - Crafted Template Remote Command Execution. CVE-2013-2097. Webapps exploit for php platform id EDB-ID:25519 last seen 2016-02-03 modified 2013-04-16 published 2013-04-16 reporter Sven Slootweg source https://www.exploit-db.com/download/25519/ title ZPanel templateparser.class.php - Crafted Template Remote Command Execution description Zpanel Remote Unauthenticated RCE. CVE-2013-2097. Remote exploit for php platform id EDB-ID:38505 last seen 2016-02-04 modified 2015-10-21 published 2015-10-21 reporter metasploit source https://www.exploit-db.com/download/38505/ title Zpanel Remote Unauthenticated RCE
Packetstorm
| data source | https://packetstormsecurity.com/files/download/134030/zpanel_information_disclosure_rce.rb.txt |
| id | PACKETSTORM:134030 |
| last seen | 2016-12-05 |
| published | 2015-10-20 |
| reporter | James Fitts |
| source | https://packetstormsecurity.com/files/134030/Zpanel-10.1.0-Remote-Unauthenticated-Code-Execution.html |
| title | Zpanel 10.1.0 Remote Unauthenticated Code Execution |
References
- http://packetstormsecurity.com/files/134030/Zpanel-10.1.0-Remote-Unauthenticated-Code-Execution.html
- http://www.exploit-db.com/exploits/25519
- http://www.openwall.com/lists/oss-security/2013/05/16/12
- http://www.openwall.com/lists/oss-security/2013/05/16/16
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84364