Vulnerabilities > MGT Commerce

DATE	CVE	VULNERABILITY TITLE	RISK
2023-12-08	CVE-2023-46157	OS Command Injection vulnerability in Mgt-Commerce Cloudpanel File-Manager in MGT CloudPanel 2.0.0 through 2.3.2 allows the lowest privilege user to achieve OS command injection by changing file ownership and changing file permissions to 4755. network low complexity mgt-commerce CWE-78	8.8
2023-06-25	CVE-2023-36630	Unrestricted Upload of File with Dangerous Type vulnerability in Mgt-Commerce Cloudpanel In CloudPanel before 2.3.1, insecure file upload leads to privilege escalation and authentication bypass. network low complexity mgt-commerce CWE-434	8.8
2023-06-20	CVE-2023-35885	Reliance on Cookies without Validation and Integrity Checking vulnerability in Mgt-Commerce Cloudpanel CloudPanel 2 before 2.3.1 has insecure file-manager cookie authentication. network low complexity mgt-commerce CWE-565 critical	9.8
2023-06-06	CVE-2023-33747	Path Traversal vulnerability in Mgt-Commerce Cloudpanel CloudPanel v2.2.2 allows attackers to execute a path traversal. local low complexity mgt-commerce CWE-22	7.8

Vulnerabilities > MGT Commerce {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"MGT Commerce"}]}