Vulnerabilities > Ispconfig > Ispconfig > 2.2.7

DATE CVE VULNERABILITY TITLE RISK
2023-10-27 CVE-2023-46818 Code Injection vulnerability in Ispconfig
An issue was discovered in ISPConfig before 3.2.11p1.
network
low complexity
ispconfig CWE-94
7.2
7.2
2021-01-05 CVE-2021-3021 SQL Injection vulnerability in Ispconfig
ISPConfig before 3.2.2 allows SQL injection.
network
low complexity
ispconfig CWE-89
critical
 9.8
9.8
2020-02-25 CVE-2020-9398 SQL Injection vulnerability in Ispconfig
ISPConfig before 3.1.15p3, when the undocumented reverse_proxy_panel_allowed=sites option is manually enabled, allows SQL Injection.
network
low complexity
ispconfig CWE-89
critical
 9.8
9.8
2018-10-04 CVE-2018-17984 Incorrect Regular Expression vulnerability in Ispconfig
An unanchored /[a-z]{2}/ regular expression in ISPConfig before 3.1.13 makes it possible to include arbitrary files, leading to code execution.
local
low complexity
ispconfig CWE-185
7.8
7.8