Cloudpanel 2 < 2.3.1 - Remote Code Execution

CloudPanel 2 before 2.3.1 has insecure file-manager cookie authentication. id: CVE-2023-35885 info: name: Cloudpanel 2 2.3.1 - Remote Code Execution author: DhiyaneshDk severity: critical description: | CloudPanel 2 before 2.3.1 has insecure file-manager cookie authentication. impact: | Successfu...

MAL-2025-46345 Malicious code in tju-proj-mgt-raoguozheng (npm)

The package tju-proj-mgt-raoguozheng was found to contain malicious code...

Malicious code in tju-proj-mgt-raoguozheng (npm)

The package tju-proj-mgt-raoguozheng was found to contain malicious code...

Malicious code in nudt-proj-mgt-maoxinjun (npm)

The package nudt-proj-mgt-maoxinjun was found to contain malicious code...

MAL-2025-45375 Malicious code in nudt-proj-mgt-maoxinjun (npm)

The package nudt-proj-mgt-maoxinjun was found to contain malicious code...

Malicious code in cache-mgt (npm)

The package cache-mgt was found to contain malicious code...

MAL-2025-16422 Malicious code in cache-mgt (npm)

The package cache-mgt was found to contain malicious code...

CVE-2024-44765

An Improper Authorization Access Control Misconfiguration vulnerability in MGT-COMMERCE GmbH CloudPanel v2.0.0 to v2.4.2 allows low-privilege users to bypass access controls and gain unauthorized access to sensitive configuration files and administrative functionality...

CVE-2024-44765

An Improper Authorization Access Control Misconfiguration vulnerability in MGT-COMMERCE GmbH CloudPanel v2.0.0 to v2.4.2 allows low-privilege users to bypass access controls and gain unauthorized access to sensitive configuration files and administrative functionality...

CVE-2024-44765

CVE-2024-44765 affects MGT-COMMERCE GmbH CloudPanel versions 2.0.0–2.4.2. The root cause is an improper authorization/access control misconfiguration that lets low-privilege users bypass controls and access sensitive configuration files and administrative functionality. Impact is described as pot...

CVE-2024-24320

Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles function...

CVE-2024-24320

Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles function...

CVE-2024-24320

Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles function...

CVE-2024-24320

CVE-2024-24320 describes a Directory Traversal in Mgt-commerce CloudPanel (versions 2.0.0–2.4.0 ). The vulnerability allows a remote attacker to obtain sensitive information and may execute arbitrary code through the service parameter of the load-logfiles function. Root cause is reported as direc...

CVE-2023-46157

File-Manager in MGT CloudPanel 2.0.0 through 2.3.2 allows the lowest privilege user to achieve OS command injection by changing file ownership and changing file permissions to 4755...

CVE-2023-46157

File-Manager in MGT CloudPanel 2.0.0 through 2.3.2 allows the lowest privilege user to achieve OS command injection by changing file ownership and changing file permissions to 4755...

Command injection

File-Manager in MGT CloudPanel 2.0.0 through 2.3.2 allows the lowest privilege user to achieve OS command injection by changing file ownership and changing file permissions to 4755...

CVE-2023-46157

CVE-2023-46157 affects MGT CloudPanel 2.0.0–2.3.2. The root cause is a vulnerability in File-Manager allowing OS command injection by a lowest-privilege user through altering file ownership and setting file permissions to 4755. The provided documents consistently describe this as the impact (comm...

CVE-2023-46157

File-Manager in MGT CloudPanel 2.0.0 through 2.3.2 allows the lowest privilege user to achieve OS command injection by changing file ownership and changing file permissions to 4755...

MGT-COMMERCE CloudPanel 路径遍历漏洞

MGT-COMMERCE CloudPanel is a free solution from MGT-COMMERCE Open Source. It is designed to ease the burden of managing self-hosted Linux servers. A security vulnerability exists in MGT-COMMERCE CloudPanel version 2.2.2, which stems from a vulnerability that allows an attacker to perform path...