Cloudpanel 2 < 2.3.1 - Remote Code Execution

CloudPanel 2 before 2.3.1 has insecure file-manager cookie authentication. id: CVE-2023-35885 info: name: Cloudpanel 2 2.3.1 - Remote Code Execution author: DhiyaneshDk severity: critical description: | CloudPanel 2 before 2.3.1 has insecure file-manager cookie authentication. impact: | Successfu...

CVE-2026-24525

Missing Authorization vulnerability in CloudPanel CLP Varnish Cache clp-varnish-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CLP Varnish Cache: from n/a through = 1.0.2...

CVE-2026-24525

Missing Authorization vulnerability in CloudPanel CLP Varnish Cache clp-varnish-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CLP Varnish Cache: from n/a through = 1.0.2...

CVE-2026-24525

CVE-2026-24525 concerns CloudPanel CLP Varnish Cache (WordPress plugin) &lt;= 1.0.2 with Missing Authorization due to incorrectly configured access control. Affected versions are listed as

CVE-2026-24525

Missing Authorization vulnerability in CloudPanel CLP Varnish Cache clp-varnish-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CLP Varnish Cache: from n/a through = 1.0.2...

PT-2026-4375

Name of the Vulnerable Software and Affected Versions CloudPanel CLP Varnish Cache versions through 1.0.2 Description An authorization issue exists in CloudPanel CLP Varnish Cache. The problem involves incorrectly configured access control security levels, potentially allowing unauthorized access...

CVE-2025-15241

A security vulnerability has been detected in CloudPanel Community Edition up to 2.5.1. The affected element is an unknown function of the file /admin/users of the component HTTP Header Handler. Such manipulation of the argument Referer leads to open redirect. It is possible to launch the attack...

CVE-2025-15241

A security vulnerability has been detected in CloudPanel Community Edition up to 2.5.1. The affected element is an unknown function of the file /admin/users of the component HTTP Header Handler. Such manipulation of the argument Referer leads to open redirect. It is possible to launch the attack...

CVE-2025-15241

A security vulnerability has been detected in CloudPanel Community Edition up to 2.5.1. The affected element is an unknown function of the file /admin/users of the component HTTP Header Handler. Such manipulation of the argument Referer leads to open redirect. It is possible to launch the attack...

CVE-2025-15241 CloudPanel Community Edition HTTP Header users redirect

A security vulnerability has been detected in CloudPanel Community Edition up to 2.5.1. The affected element is an unknown function of the file /admin/users of the component HTTP Header Handler. Such manipulation of the argument Referer leads to open redirect. It is possible to launch the attack...

CVE-2025-15241 CloudPanel Community Edition HTTP Header users redirect

A security vulnerability has been detected in CloudPanel Community Edition up to 2.5.1. The affected element is an unknown function of the file /admin/users of the component HTTP Header Handler. Such manipulation of the argument Referer leads to open redirect. It is possible to launch the attack...

CVE-2025-15241

CloudPanel Community Edition up to 2.5.1 is affected by an open redirect vulnerability in the HTTP Header Handler’s handling of the Referer argument in the /admin/users file. The issue enables remote attackers to trigger a redirect by manipulating Referer, with exploitation disclosed publicly. Re...

CloudPanel 输入验证错误漏洞

CloudPanel is a free software from CloudPanel Open Source. It is used to configure and manage servers. An input validation error vulnerability exists in CloudPanel 2.5.1 and earlier versions, which stems from incorrect manipulation of the file /admin/users parameter Referer in the component HTTP...

PT-2025-53858

Name of the Vulnerable Software and Affected Versions CloudPanel Community Edition versions up to 2.5.1 Description A security issue exists in CloudPanel Community Edition. The problem involves an open redirect through manipulation of the Referer argument within an unknown function of the...

EUVD-2023-37899

Malicious code in bioql PyPI...

EUVD-2023-12452

Malicious code in bioql PyPI...

EUVD-2023-40574

Malicious code in bioql PyPI...

CVE-2025-XXXX

CVE-2025-XXXX: CloudPanel FastCGI PHP-FPM Privilege Escalation...

CVE-2024-24320

Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles function...

CVE-2024-44765

An Improper Authorization Access Control Misconfiguration vulnerability in MGT-COMMERCE GmbH CloudPanel v2.0.0 to v2.4.2 allows low-privilege users to bypass access controls and gain unauthorized access to sensitive configuration files and administrative functionality...