Vulnerabilities > Bittacora

DATE CVE VULNERABILITY TITLE RISK
2021-03-02 CVE-2020-28657 SQL Injection vulnerability in Bittacora Bpanel 2.0
In bPanel 2.0, the administrative ajax endpoints (aka ajax/aj_*.php) are accessible without authentication and allow SQL injections, which could lead to platform compromise.
network
low complexity
bittacora CWE-89
critical
9.8