A remote code execution vulnerability in SEOPanel 4.6.0 has been fixed for 4.7.0. This vulnerability allowed for remote code execution through an authenticated file upload via the Settings Panel>Import website function.
Max CVSS
8.8
EPSS Score
3.44%
Published
2021-08-20
Updated
2021-08-30
Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel 2.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) default_news or (2) sponsors cookies, which are not properly handled by (a) controllers/index.ctrl.php or (b) controllers/settings.ctrl.php.
Max CVSS
4.3
EPSS Score
0.48%
Published
2011-01-20
Updated
2018-10-10
2 vulnerabilities found