CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

140 matches found

ISPConfig - PHP Code Injection

An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the language file editor by an admin if adminallowlangedit is enabled. id: CVE-2023-46818 info: name: ISPConfig - PHP Code Injection author: non-things severity: high description: | An issue was discovered...

7.2CVSS7.1AI score0.90534EPSS

Exploits14References4

EUVD•added 2026/05/05 6:33 p.m.•1 views

EUVD-2025-209641

ISPConfig 3.3.0 is vulnerable to Cross Site Scripting XSS via the system status webpage...

4.7CVSS5.8AI score0.00031EPSS

Exploits1References3

NVD•added 2026/05/05 4:16 p.m.•4 views

CVE-2025-52206

ISPConfig 3.3.0 is vulnerable to Cross Site Scripting XSS via the system status webpage...

4.7CVSS0.00031EPSS

Exploits1References2

ATTACKERKB•added 2026/05/05 12:0 a.m.•1 views

CVE-2025-52206

ISPConfig 3.3.0 is vulnerable to Cross Site Scripting XSS via the system status webpage...

5.8AI score0.00031EPSS

Exploits1References3

Positive Technologies•added 2026/05/05 12:0 a.m.•2 views

PT-2026-37054

Name of the Vulnerable Software and Affected Versions ISPConfig version 3.3.0 Description Cross Site Scripting XSS is possible via the system status webpage. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability...

4.7CVSS5.8AI score0.00031EPSS

Exploits1References4

Cvelist•added 2026/05/05 12:0 a.m.•27 views

CVE-2025-52206

ISPConfig 3.3.0 is vulnerable to Cross Site Scripting XSS via the system status webpage...

0.00031EPSS

Exploits1References2

Vulnrichment•added 2026/05/05 12:0 a.m.•1 views

CVE-2025-52206

ISPConfig 3.3.0 is vulnerable to Cross Site Scripting XSS via the system status webpage...

5.8AI score0.00031EPSS

Exploits1References2

CVE•added 2026/05/05 12:0 a.m.•8 views

CVE-2025-52206

ISPConfig 3.3.0 is vulnerable to Cross Site Scripting (XSS) via the system status webpage. The vulnerability affects the ISPConfig system-status UI, specifically the monitor/show_sys_state.php endpoint (state=server&server=[removed]...), allowing reflected user-supplied input to execute script in...

4.7CVSS5.8AI score0.00031EPSS

Exploits1References2Affected Software1

CNNVD•added 2026/05/05 12:0 a.m.•3 views

ISPConfig 跨站脚本漏洞

ISPConfig is a set of open-source host control panels based on Linux by the ISPConfig company. It allows for the management of multiple servers through a web-based control panel, the creation of websites, and the monitoring of server status. Version 3.3.0 of ISPConfig contains a cross-site...

4.7CVSS5.6AI score0.00031EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2012-2093

Malware in sbrugna...

9.8CVSS9.2AI score0.03332EPSS

Exploits1References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-30219

Malware in sbrugna...

9.8CVSS9.2AI score0.00512EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2015-4143

Malware in sbrugna...

6.5CVSS6.1AI score0.01913EPSS

Exploits5References8

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-8549

Malware in sbrugna...

9CVSS8.8AI score0.00483EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-9723

Malware in sbrugna...

7.8CVSS7.7AI score0.00427EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-26374

Malware in sbrugna...

9.8CVSS9.4AI score0.00441EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2015-4144

Malware in sbrugna...

6.8CVSS6.1AI score0.04615EPSS

Exploits6References8

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-52053

Malicious code in bioql PyPI...

7.1CVSS8.7AI score0.00062EPSS

Exploits0References1

GithubExploit•added 2025/09/06 2:27 a.m.•205 views

Exploit for Code Injection in Ispconfig

CVE-2023-46818 - ISPConfig PHP Code Execution | Exploit Hi...

9.8CVSS7.7AI score0.90534EPSS

Exploits19

GithubExploit•added 2025/07/31 9:32 p.m.•370 views

Exploit for Code Injection in Ispconfig

CVE-2023-46818 PoC This is a python implemntation of the PoC p...

7.2CVSS7.2AI score0.90534EPSS

Exploits14

Packet Storm•added 2025/07/29 12:0 a.m.•111 views

📄 ISPConfig 3.3.0 Cross Site Scripting

ISPConfig version 3.3.0 suffers from a cross site scripting vulnerability in the system status webpage. CVE-2025-52206 Reflected Cross Site Scripting XSS Suggested description ISPConfig 3.3.0 is vulnerable to Cross Site Scripting XSS via the system status webpage...

6.5AI score0.00031EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by