Vulnerabilities > Seopanel

DATE CVE VULNERABILITY TITLE RISK
2021-03-18 CVE-2021-28420 Cross-site Scripting vulnerability in Seopanel SEO Panel 4.8.0
A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via alerts.php and the "from_time" parameter.
network
seopanel CWE-79
3.5
2021-03-18 CVE-2021-28419 SQL Injection vulnerability in Seopanel SEO Panel 4.8.0
The "order_col" parameter in archive.php of SEO Panel 4.8.0 is vulnerable to time-based blind SQL injection, which leads to the ability to retrieve all databases.
network
low complexity
seopanel CWE-89
6.5
2021-03-18 CVE-2021-28418 Cross-site Scripting vulnerability in Seopanel SEO Panel 4.8.0
A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via settings.php and the "category" parameter.
network
seopanel CWE-79
3.5
2021-03-18 CVE-2021-28417 Cross-site Scripting vulnerability in Seopanel SEO Panel 4.8.0
A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php and the "search_name" parameter.
network
seopanel CWE-79
3.5
2021-01-01 CVE-2021-3002 Cross-site Scripting vulnerability in Seopanel SEO Panel 4.8.0
Seo Panel 4.8.0 allows reflected XSS via the seo/seopanel/login.php?sec=forgot email parameter.
network
seopanel CWE-79
4.3
2020-12-31 CVE-2020-35930 Cross-site Scripting vulnerability in Seopanel SEO Panel 4.8.0
Seo Panel 4.8.0 allows stored XSS by an Authenticated User via the url parameter, as demonstrated by the seo/seopanel/websites.php URI.
network
seopanel CWE-79
3.5
2020-03-02 CVE-2018-14384 Cross-site Scripting vulnerability in Seopanel SEO Panel
The Website Manager module in SEO Panel 3.13.0 and earlier is affected by a stored Cross-Site Scripting (XSS) vulnerability, allowing remote authenticated attackers to inject arbitrary web script or HTML via the websites.php name parameter.
network
seopanel CWE-79
3.5
2017-08-29 CVE-2017-10839 SQL Injection vulnerability in Seopanel SEO Panel 3.3.1/3.4.0/3.5.0
SQL injection vulnerability in the SEO Panel prior to version 3.11.0 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
seopanel CWE-89
6.5
2017-08-29 CVE-2017-10838 Cross-site Scripting vulnerability in Seopanel SEO Panel 3.3.1/3.4.0/3.5.0
Cross-site scripting vulnerability in SEO Panel prior to version 3.11.0 allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
network
seopanel CWE-79
4.3
2015-01-13 CVE-2014-100024 Cross-site Scripting vulnerability in Seopanel SEO Panel 3.3.1
Cross-site scripting (XSS) vulnerability in Seo Panel before 3.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
seopanel CWE-79
4.3