Vulnerabilities > MGT Commerce > Cloudpanel > 2.3.2

DATE CVE VULNERABILITY TITLE RISK
2024-06-14 CVE-2024-24320 Path Traversal vulnerability in Mgt-Commerce Cloudpanel
Directory Traversal vulnerability in Mgt-commerce CloudPanel v.2.0.0 thru v.2.4.0 allows a remote attacker to obtain sensitive information and execute arbitrary code via the service parameter of the load-logfiles function.
network
low complexity
mgt-commerce CWE-22
8.8
2023-12-08 CVE-2023-46157 OS Command Injection vulnerability in Mgt-Commerce Cloudpanel
File-Manager in MGT CloudPanel 2.0.0 through 2.3.2 allows the lowest privilege user to achieve OS command injection by changing file ownership and changing file permissions to 4755.
network
low complexity
mgt-commerce CWE-78
8.8