Vulnerabilities (CVE)

Filtered by vendor Bittacora Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-28657 1 Bittacora 1 Bpanel 2024-11-21 7.5 HIGH 9.8 CRITICAL
In bPanel 2.0, the administrative ajax endpoints (aka ajax/aj_*.php) are accessible without authentication and allow SQL injections, which could lead to platform compromise.