Lucene search

MGT-COMMERCE Security Vulnerabilities

cve

CVE-2023-46157

File-Manager in MGT CloudPanel 2.0.0 through 2.3.2 allows the lowest privilege user to achieve OS command injection by changing file ownership and changing file permissions to...

8.8CVSS

8AI Score

0.001EPSS

2023-12-08 01:15 PM

cve

CVE-2023-35885

CloudPanel 2 before 2.3.1 has insecure file-manager cookie...

9.8CVSS

9.4AI Score

0.505EPSS

2023-06-20 08:15 PM

cve

CVE-2023-36630

In CloudPanel before 2.3.1, insecure file upload leads to privilege escalation and authentication...

8.8CVSS

9AI Score

0.001EPSS

2023-06-25 04:15 PM

cve

CVE-2023-33747

CloudPanel v2.2.2 allows attackers to execute a path...

7.8CVSS

7.7AI Score

0.0004EPSS

2023-06-06 06:15 PM

cve

CVE-2023-0391

MGT-COMMERCE CloudPanel ships with a static SSL certificate to encrypt communications to the administrative interface, shared across every installation of CloudPanel. This behavior was observed in version 2.2.0. There has been no indication from the vendor this has been addressed in version...

8.1CVSS

7.9AI Score

0.001EPSS

2023-03-21 08:15 PM