{"id":"PYSEC-2018-109","details":"Ajenti version version 2 contains a Insecure Permissions vulnerability in Plugins download that can result in The download of any plugins as being a normal user. This attack appear to be exploitable via By knowing how the requisition is made, and sending it as a normal user, the server, in response, downloads the plugin.","aliases":["CVE-2018-1000080"],"modified":"2025-10-09T05:30:58.226184Z","published":"2018-03-13T15:29:00Z","references":[{"type":"WEB","url":"https://medium.com/stolabs/security-issues-on-ajenti-d2b7526eaeee"},{"type":"PACKAGE","url":"https://pypi.org/project/ajenti-panel"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1000080"}],"affected":[{"package":{"name":"ajenti-panel","ecosystem":"PyPI","purl":"pkg:pypi/ajenti-panel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.10","0.11","0.12","0.13","0.14","0.15","0.16","0.17","0.18","0.19","0.2","0.20","0.21","0.22","0.23","0.25","0.26","0.27","0.28","0.29","0.3","0.30","0.31","0.32","0.33","0.4","0.5","0.6","0.7","0.8","0.9","2.0.34","2.0.35","2.0.36","2.0.37","2.0.38","2.0.39","2.0.40","2.0.41","2.0.42","2.0.43","2.0.44","2.0.45","2.0.46","2.0.47","2.0.48","2.0.49","2.0.50","2.0.51","2.0.52","2.0.53","2.0.54","2.0.55","2.0.56","2.0.57","2.0.58","2.0.59","2.0.60","2.0.61","2.0.62","2.0.63","2.0.64","2.0.65","2.0.66","2.0.67","2.0.68","2.0.69","2.0.70","2.0.71","2.1.0","2.1.1","2.1.10","2.1.11","2.1.12","2.1.13","2.1.14","2.1.15","2.1.16","2.1.17","2.1.18","2.1.19","2.1.2","2.1.20","2.1.21","2.1.22","2.1.23","2.1.24","2.1.25","2.1.26","2.1.27","2.1.28","2.1.29","2.1.3","2.1.30","2.1.31","2.1.32","2.1.33","2.1.34","2.1.35","2.1.36","2.1.37","2.1.38","2.1.39","2.1.4","2.1.40","2.1.42","2.1.43","2.1.5","2.1.6","2.1.7","2.1.8","2.1.9","2.1.44","2.2.0","2.2.1","2.2.10","2.2.11","2.2.3","2.2.4","2.2.5","2.2.6","2.2.7","2.2.8","2.2.9"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/ajenti-panel/PYSEC-2018-109.yaml"}}],"schema_version":"1.7.3"}