81 matches found
CVE-2023-36630
In CloudPanel before 2.3.1, insecure file upload leads to privilege escalation and authentication bypass...
CVE-2023-35885
CloudPanel 2 before 2.3.1 has insecure file-manager cookie authentication...
CVE-2023-46157
File-Manager in MGT CloudPanel 2.0.0 through 2.3.2 allows the lowest privilege user to achieve OS command injection by changing file ownership and changing file permissions to 4755...
CVE-2023-33747
CloudPanel v2.2.2 allows attackers to execute a path traversal...
The vulnerability of the clpctlWrapper command in the server and CloudPanel management panel allows a attacker to increase their privileges.
The vulnerability of the clpctlWrapper command in the server and CloudPanel management panel is related to an incorrect limitation on the path name to the restricted directory. Exploiting this vulnerability can allow attackers to increase their privileges...
Exploit for CVE-2024-44765
CVE-2024-44765https://nvd.nist.gov/vuln/detail/CVE-2024-447...
PT-2024-31241 · Mgt Commerce Gmbh · Cloudpanel
Name of the Vulnerable Software and Affected Versions: MGT-COMMERCE GmbH CloudPanel versions 2.0.0 through 2.4.2 Description: An Improper Authorization Access Control Misconfiguration issue allows low-privilege users to bypass access controls, gaining unauthorized access to sensitive configuratio...
MGT-COMMERCE CloudPanel 安全漏洞
MGT-COMMERCE CloudPanel is a free solution from MGT-COMMERCE Open Source. Designed to ease the burden of managing self-hosted Linux servers. A security vulnerability exists in MGT-COMMERCE CloudPanel versions v2.0.0 through v2.4.2, which stems from improper authorization and allows an attacker to...
CVE-2024-24320
Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles function...
CVE-2024-24320
Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles function...
PT-2024-20356 · Mgt Commerce · Mgt-Commerce Cloudpanel
Name of the Vulnerable Software and Affected Versions: Mgt-commerce CloudPanel versions 2.0.0 through 2.4.0 Description: A Directory Traversal issue allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles function...
MGT-COMMERCE CloudPanel Security Vulnerability
MGT-COMMERCE CloudPanel is a free solution from MGT-COMMERCE Open Source. Designed to ease the burden of managing self-hosted Linux servers. A security vulnerability exists in MGT-COMMERCE CloudPanel versions 2.0.0 to 2.4.0, which stems from susceptibility to directory traversal attacks that allo...
CVE-2024-24320
CVE-2024-24320 describes a Directory Traversal in Mgt-commerce CloudPanel (versions 2.0.0–2.4.0 ). The vulnerability allows a remote attacker to obtain sensitive information and may execute arbitrary code through the service parameter of the load-logfiles function. Root cause is reported as direc...
CVE-2024-24320
Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles function...
VulnCheck KEV: CVE-2023-35885
CloudPanel 2 before 2.3.1 has insecure file-manager cookie authentication...
CVE-2023-46157
File-Manager in MGT CloudPanel 2.0.0 through 2.3.2 allows the lowest privilege user to achieve OS command injection by changing file ownership and changing file permissions to 4755...
CVE-2023-46157
File-Manager in MGT CloudPanel 2.0.0 through 2.3.2 allows the lowest privilege user to achieve OS command injection by changing file ownership and changing file permissions to 4755...
Command injection
File-Manager in MGT CloudPanel 2.0.0 through 2.3.2 allows the lowest privilege user to achieve OS command injection by changing file ownership and changing file permissions to 4755...
CloudPanel Security Vulnerabilities
CloudPanel is a free software from CloudPanel open source. It is used to configure and manage servers. A security vulnerability exists in MGT CloudPanel versions 2.0.0 through 2.3.2, which stems from a vulnerability that allows a low-privileged user to achieve operating system command injection b...
CVE-2023-46157
File-Manager in MGT CloudPanel 2.0.0 through 2.3.2 allows the lowest privilege user to achieve OS command injection by changing file ownership and changing file permissions to 4755...