Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web panel vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4592
Directory traversal vulnerability in index.php in Sports Clubs Web Panel 0.0.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the p parameter.
Sportspanel Sports Clubs Web Portal 0.0.1
2 EDB exploits
NA
CVE-2008-2458
Cross-site scripting (XSS) vulnerability in index.php in Starsgames Control Panel 4.6.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the st parameter.
4shared Starsgames Control Panel
1 EDB exploit
NA
CVE-2006-3737
Cross-site scripting (XSS) vulnerability in filemanager/filemanager.php in the control panel in SWsoft Plesk 8.0 and previous versions allows remote authenticated users to inject arbitrary web script or HTML via the file parameter.
Swsoft Plesk Control Panel
9.8
CVSSv3
CVE-2018-1000884
Vesta CP version Prior to commit f6f6f9cfbbf2979e301956d1c6ab5c44386822c0 -- any release before 0.9.8-18 contains a CWE-208 / Information Exposure Through Timing Discrepancy vulnerability in Password reset code -- web/reset/index.php, line 51 that can result in Possible to determ...
Vestacp Vesta Control Panel
6.1
CVSSv3
CVE-2018-10686
An issue exists in Vesta Control Panel 0.9.8-20. There is Reflected XSS via $_REQUEST['path'] to the view/file/index.php URI, which can lead to remote PHP code execution via vectors involving a file_put_contents call in web/upload/UploadHandler.php.
Vestacp Control Panel 0.9.8-20
NA
CVE-2011-4852
The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 generates web pages containing external links in response to GET requests with query strings for enterprise/mobile-monitor/ and certain other files, which makes it easier for remote malicious users to obtain sensi...
Parallels Parallels Plesk Panel 10.4.4 Build20111103.18
NA
CVE-2011-4740
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 generates web pages containing external links in response to GET requests with query strings for smb/app/search-data/catalogId/marketplace and certain other files, which makes it easier for remote malicious users...
Parallels Parallels Plesk Panel 10.2.0 Build20110407.20
9.8
CVSSv3
CVE-2021-43693
vesta 0.9.8-24 is affected by a file inclusion vulnerability in file web/add/user/index.php.
Vestacp Vesta Control Panel 0.9.8-24
5.4
CVSSv3
CVE-2023-27225
A cross-site scripting (XSS) vulnerability in User Registration & Login and User Management System with Admin Panel v3 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the first and last name field.
User Registration & Login And User Management System With Admin Panel Project User Registration & Login And User Management System With Admin Panel 3.0
6.1
CVSSv3
CVE-2022-34025
Vesta v1.0.0-5 exists to contain a cross-site scripting (XSS) vulnerability via the post function at /web/api/v1/upload/UploadHandler.php.
Vestacp Vesta Control Panel 1.0.0-5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »