Product
zpanelcp zpanel
10 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2013-2097
CVE-2012-5686
CVE-2012-6654
CVE-2012-5685
CVE-2012-5684
CVE-2012-5683
CVE-2007-1123
CVE-2005-0794
CVE-2005-0793
CVE-2005-0792
all versions
ZPanel through 10.1.0 has Remote Command Execution
all versions
ZPanel 10.0.1 has insufficient entropy for its password reset process.
<= 10.0.1
Multiple SQL injection vulnerabilities in ZPanel 10.0.1 and earlier allow remote attackers to execute arbitrary SQL commands via t
<= 10.0.1
SQL injection vulnerability in ZPanel 10.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the inEmail
<= 10.0.1
Cross-site scripting (XSS) vulnerability in ZPanel 10.0.1 and earlier allows remote attackers to inject arbitrary web script or HT
<= 10.0.1
Multiple cross-site request forgery (CSRF) vulnerabilities in ZPanel 10.0.1 and earlier allow remote attackers to hijack the authe
all versions
Multiple PHP remote file inclusion vulnerabilities in ZPanel 2.0 allow remote attackers to execute arbitrary PHP code via a URL in
all versions
ZPanel 2.0 and 2.5 beta 10 does not remove or protect installation scripts after they have been used, which allows remote attacker
all versions
PHP remote file inclusion vulnerability in zpanel.php in ZPanel allows remote attackers to (1) execute arbitrary PHP code in ZPane
all versions
SQL injection vulnerability in ZPanel 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) uname parameter to