Filtered by vendor Seopanel
Subscribe
Total
18 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-34117 | 1 Seopanel | 1 Seo Panel | 2024-02-04 | N/A | 7.5 HIGH |
SQL Injection vulnerability in SEO Panel 4.9.0 in api/user.api.php in function getUserName in the username parameter, allows attackers to gain sensitive information. | |||||
CVE-2021-39413 | 1 Seopanel | 1 Seo Panel | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
Multiple Cross Site Scripting (XSS) vulnerabilities exits in SEO Panel v4.8.0 via the (1) to_time parameter in (a) backlinks.php, (b) analytics.php, (c) log.php, (d) overview.php, (e) pagespeed.php, (f) rank.php, (g) review.php, (h) saturationchecker.php, (i) social_media.php, and (j) reports.php; the (2) from_time parameter in (a) backlinks.php, (b) analytics.php, (c) log.php, (d) overview.php, (e) pagespeed.php, (f) rank.php, (g) review.php, (h) saturationchecker.php, (i) social_media.php, (j) webmaster-tools.php, and (k) reports.php; the (3) order_col parameter in (a) analytics.php, (b) review.php, (c) social_media.php, and (d) webmaster-tools.php; and the (4) pageno parameter in (a) alerts.php, (b) log.php, (c) keywords.php, (d) proxy.php, (e) searchengine.php, and (f) siteauditor.php. | |||||
CVE-2021-29008 | 1 Seopanel | 1 Seo Panel | 2024-02-04 | 3.5 LOW | 4.8 MEDIUM |
A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via webmaster-tools.php in the "to_time" parameter. | |||||
CVE-2021-29010 | 1 Seopanel | 1 Seo Panel | 2024-02-04 | 3.5 LOW | 4.8 MEDIUM |
A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php in the "report_type" parameter. | |||||
CVE-2021-29009 | 1 Seopanel | 1 Seo Panel | 2024-02-04 | 3.5 LOW | 4.8 MEDIUM |
A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php in the "type" parameter. | |||||
CVE-2020-27461 | 1 Seopanel | 1 Seopanel | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
A remote code execution vulnerability in SEOPanel 4.6.0 has been fixed for 4.7.0. This vulnerability allowed for remote code execution through an authenticated file upload via the Settings Panel>Import website function. | |||||
CVE-2021-3002 | 1 Seopanel | 1 Seo Panel | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
Seo Panel 4.8.0 allows reflected XSS via the seo/seopanel/login.php?sec=forgot email parameter. | |||||
CVE-2021-28418 | 1 Seopanel | 1 Seo Panel | 2024-02-04 | 3.5 LOW | 4.8 MEDIUM |
A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via settings.php and the "category" parameter. | |||||
CVE-2021-28420 | 1 Seopanel | 1 Seo Panel | 2024-02-04 | 3.5 LOW | 4.8 MEDIUM |
A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via alerts.php and the "from_time" parameter. | |||||
CVE-2020-35930 | 1 Seopanel | 1 Seo Panel | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
Seo Panel 4.8.0 allows stored XSS by an Authenticated User via the url parameter, as demonstrated by the seo/seopanel/websites.php URI. | |||||
CVE-2021-28417 | 1 Seopanel | 1 Seo Panel | 2024-02-04 | 3.5 LOW | 4.8 MEDIUM |
A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php and the "search_name" parameter. | |||||
CVE-2021-28419 | 1 Seopanel | 1 Seo Panel | 2024-02-04 | 6.5 MEDIUM | 7.2 HIGH |
The "order_col" parameter in archive.php of SEO Panel 4.8.0 is vulnerable to time-based blind SQL injection, which leads to the ability to retrieve all databases. | |||||
CVE-2018-14384 | 1 Seopanel | 1 Seo Panel | 2024-02-04 | 3.5 LOW | 4.8 MEDIUM |
The Website Manager module in SEO Panel 3.13.0 and earlier is affected by a stored Cross-Site Scripting (XSS) vulnerability, allowing remote authenticated attackers to inject arbitrary web script or HTML via the websites.php name parameter. | |||||
CVE-2017-10838 | 1 Seopanel | 1 Seo Panel | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting vulnerability in SEO Panel prior to version 3.11.0 allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2017-10839 | 1 Seopanel | 1 Seo Panel | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
SQL injection vulnerability in the SEO Panel prior to version 3.11.0 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
CVE-2014-100024 | 1 Seopanel | 1 Seo Panel | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Seo Panel before 3.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2014-1855 | 1 Seopanel | 1 Seo Panel | 2024-02-04 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel before 3.5.0 allow remote attackers to inject arbitrary web script or HTML via the (1) capcheck parameter to directories.php or (2) keyword parameter to proxy.php. | |||||
CVE-2010-4331 | 1 Seopanel | 1 Seopanel | 2024-02-04 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel 2.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) default_news or (2) sponsors cookies, which are not properly handled by (a) controllers/index.ctrl.php or (b) controllers/settings.ctrl.php. |