Vulnerabilities > MGT Commerce > Cloudpanel > 2.3.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-06-14 | CVE-2024-24320 | Path Traversal vulnerability in Mgt-Commerce Cloudpanel Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles function. | 8.8 |
2023-12-08 | CVE-2023-46157 | OS Command Injection vulnerability in Mgt-Commerce Cloudpanel File-Manager in MGT CloudPanel 2.0.0 through 2.3.2 allows the lowest privilege user to achieve OS command injection by changing file ownership and changing file permissions to 4755. | 8.8 |