Vulnerabilities > Aapanel

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-27	CVE-2022-26252	Path Traversal vulnerability in Aapanel 6.8.21 aaPanel v6.8.21 was discovered to be vulnerable to directory traversal. network low complexity aapanel CWE-22	6.5
2021-08-02	CVE-2021-37840	Unspecified vulnerability in Aapanel aaPanel through 6.8.12 allows Cross-Site WebSocket Hijacking (CSWH) involving OS commands within WebSocket messages at a ws:// URL for /webssh (the victim must have configured Terminal with at least one host). network low complexity aapanel	8.8
2020-06-21	CVE-2020-14950	OS Command Injection vulnerability in Aapanel aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary commands via shell metacharacters in a modified /system?action=ServiceAdmin request (start, stop, or restart) to the setting menu of Sotfware Store. network low complexity aapanel CWE-78	8.8
2020-06-18	CVE-2020-14421	Argument Injection or Modification vulnerability in Aapanel aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary commands via the Script Content box on the Add Cron Job screen. network low complexity aapanel CWE-88	7.2

Vulnerabilities > Aapanel {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Aapanel"}]}