Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web panel vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-15609
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_dashboard.php. When parsing the service_s...
Centos-webpanel Centos Web Panel 17.0.9.8.923
NA
CVE-2006-1407
Multiple cross-site scripting (XSS) vulnerabilities in Helm Web Hosting Control Panel 3.2.10 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) txtDomainName parameter to domains.asp or (2) SearchText or (3) UserLevel parameters ...
Webhost Automation Helm Web Hosting Control Panel
2 EDB exploits
NA
CVE-2007-5251
Multiple cross-site scripting (XSS) vulnerabilities in Helm 3.2.16 allow remote malicious users to inject arbitrary web script or HTML via (1) the showOption parameter to domain.asp, or the (2) Folder or (3) StartPath parameter to FileManager.asp.
Webhost Automation Helm Web Hosting Control Panel 3.2.16
NA
CVE-2006-5984
Multiple cross-site scripting (XSS) vulnerabilities in Helm Web Hosting Control Panel 3.2.10 allow remote authenticated users to inject arbitrary web script or HTML via the (1) txtCompanyName, (2) txtEmail, or (3) txtUserAccNum parameter to (a) users.asp, or the (4) setThemeColou...
Webhost Automation Helm Web Hosting Control Panel 3.2.10
NA
CVE-2006-1080
Cross-site scripting (XSS) vulnerability in login.php in Game-Panel 2.6.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the message parameter, possibly requiring a URL encoded value.
Game-panel Game-panel 2.6.1
Game-panel Game-panel 2.6
1 EDB exploit
NA
CVE-2004-1499
Cross-site scripting (XSS) vulnerability in the compose message form in HELM 3.1.19 and previous versions allows remote malicious users to execute arbitrary web script or HTML via the Subject field.
Webhost Automation Helm Control Panel 3.1.15
Webhost Automation Helm Control Panel 3.1.16
Webhost Automation Helm Control Panel 3.1.17
Webhost Automation Helm Control Panel 3.1.10
Webhost Automation Helm Control Panel 3.1.18
Webhost Automation Helm Control Panel 3.1.19
Webhost Automation Helm Control Panel 3.1.11
Webhost Automation Helm Control Panel 3.1.12
Webhost Automation Helm Control Panel 3.1.13
Webhost Automation Helm Control Panel 3.1.14
1 EDB exploit
6.1
CVSSv3
CVE-2023-0125
A vulnerability was found in Control iD Gerencia Web 1.30. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Web Interface. The manipulation of the argument Nome leads to cross site scripting. The attack can be launch...
Control Id Panel Project Control Id Panel -
1 Github repository
NA
CVE-2014-1855
Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel prior to 3.5.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) capcheck parameter to directories.php or (2) keyword parameter to proxy.php.
Seopanel Seo Panel 3.3.1
Seopanel Seo Panel
NA
CVE-2007-0365
Multiple cross-site scripting (XSS) vulnerabilities in All In One Control Panel (AIOCP) 1.3.009 and previous versions allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors. NOTE: this is probably a different vulnerability than CVE-2006-5830.
Nicola Asuni All In One Control Panel 1.3.000
Nicola Asuni All In One Control Panel 1.3.007
Nicola Asuni All In One Control Panel 1.3.008
Nicola Asuni All In One Control Panel 1.3.003
Nicola Asuni All In One Control Panel 1.3.004
Nicola Asuni All In One Control Panel 1.3.005
Nicola Asuni All In One Control Panel 1.3.006
Nicola Asuni All In One Control Panel 1.3.001
Nicola Asuni All In One Control Panel 1.3.002
Nicola Asuni All In One Control Panel
NA
CVE-2006-0211
Cross-site scripting (XSS) vulnerability in forgotPassword.asp in Helm Hosting Control Panel 3.2.8 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the txtEmailAddress parameter.
Helm Hosting Helm Hosting Control Panel 3.2.8
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »