Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web panel vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2022-28102
A cross-site scripting (XSS) vulnerability in PHP MySQL Admin Panel Generator v1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected at /edit-db.php.
Php Mysql Admin Panel Generator Project Php Mysql Admin Panel Generator -
1 Github repository
383
VMScore
CVE-2014-100024
Cross-site scripting (XSS) vulnerability in Seo Panel prior to 3.4.0 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Seopanel Seo Panel
383
VMScore
CVE-2017-10838
Cross-site scripting vulnerability in SEO Panel prior to version 3.11.0 allows an malicious user to inject arbitrary web script or HTML via unspecified vectors.
Seopanel Seo Panel
383
VMScore
CVE-2021-30071
A cross-site scripting (XSS) vulnerability in /admin/list_key.html of HestiaCP before v1.3.5 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload.
Hestiacp Control Panel
312
VMScore
CVE-2018-14384
The Website Manager module in SEO Panel 3.13.0 and previous versions is affected by a stored Cross-Site Scripting (XSS) vulnerability, allowing remote authenticated malicious users to inject arbitrary web script or HTML via the websites.php name parameter.
Seopanel Seo Panel
383
VMScore
CVE-2018-18547
Vesta Control Panel up to and including 0.9.8-22 has XSS via the edit/web/ domain parameter, the list/backup/ backup parameter, the list/rrd/ period parameter, the list/directory/ dir_a parameter, or the filename to the list/directory/ URI.
Vestacp Control Panel
435
VMScore
CVE-2008-2458
Cross-site scripting (XSS) vulnerability in index.php in Starsgames Control Panel 4.6.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the st parameter.
4shared Starsgames Control Panel
1 EDB exploit
383
VMScore
CVE-2006-3737
Cross-site scripting (XSS) vulnerability in filemanager/filemanager.php in the control panel in SWsoft Plesk 8.0 and previous versions allows remote authenticated users to inject arbitrary web script or HTML via the file parameter.
Swsoft Plesk Control Panel
445
VMScore
CVE-2018-1000884
Vesta CP version Prior to commit f6f6f9cfbbf2979e301956d1c6ab5c44386822c0 -- any release before 0.9.8-18 contains a CWE-208 / Information Exposure Through Timing Discrepancy vulnerability in Password reset code -- web/reset/index.php, line 51 that can result in Possible to determ...
Vestacp Vesta Control Panel
383
VMScore
CVE-2018-10686
An issue exists in Vesta Control Panel 0.9.8-20. There is Reflected XSS via $_REQUEST['path'] to the view/file/index.php URI, which can lead to remote PHP code execution via vectors involving a file_put_contents call in web/upload/UploadHandler.php.
Vestacp Control Panel 0.9.8-20
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »