Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
224046.7%HIGH

Related CVEs

24
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2025-29452An issue in Seo Panel 4.11.0 allows a remote attacker to obtain sensitive information via the Proxy Manager component.HIGH7.626.4%Apr 17, 2025
CVE-2025-29451An issue in Seo Panel 4.11.0 allows a remote attacker to obtain sensitive information via the Mail Setting component.HIGH7.626.4%Apr 17, 2025
CVE-2024-22648A Blind SSRF vulnerability exists in the "Crawl Meta Data" functionality of SEO Panel version 4.10.0. This makes it possible for remote attackers to scan ports in the local environment.MEDIUM5.344.7%Jan 30, 2024
CVE-2024-22647An user enumeration vulnerability was found in SEO Panel 4.10.0. This issue occurs during user authentication, where a difference in error messages could allow an attacker to determine if a username is valid or not, enabling a brute-force attack with valid usernames.MEDIUM5.342.2%Jan 30, 2024
CVE-2024-22646An email address enumeration vulnerability exists in the password reset function of SEO Panel version 4.10.0. This allows an attacker to guess which emails exist on the system.MEDIUM5.343.5%Jan 30, 2024
CVE-2024-22643A Cross-Site Request Forgery (CSRF) vulnerability in SEO Panel version 4.10.0 allows remote attackers to perform unauthorized user password resets.MEDIUM6.524.3%Jan 30, 2024
CVE-2021-34117SQL Injection vulnerability in SEO Panel 4.9.0 in api/user.api.php in function getUserName in the username parameter, allows attackers to gain sensitive information.HIGH7.5Feb 15, 2023
CVE-2021-39413Multiple Cross Site Scripting (XSS) vulnerabilities exits in SEO Panel v4.8.0 via the (1) to_time parameter in (a) backlinks.php, (b) analytics.php, (c) log.php, (d) overview.php, (e) pagespeed.php, (f) rank.php, (g) review.php, (h) saturationchecker.php, (i) social_media.php, and (j) reports.php; the (2) from_time parameter in (a) backlinks.php, (b) analytics.php, (c) log.php, (d) overview.php, (e) pagespeed.php, (f) rank.php, (g) review.php, (h) saturationchecker.php, (i) social_media.php, (j) webmaster-tools.php, and (k) reports.php; the (3) order_col parameter in (a) analytics.php, (b) review.php, (c) social_media.php, and (d) webmaster-tools.php; and the (4) pageno parameter in (a) alerts.php, (b) log.php, (c) keywords.php, (d) proxy.php, (e) searchengine.php, and (f) siteauditor.php.MEDIUM6.1Nov 5, 2021
CVE-2020-27461A remote code execution vulnerability in SEOPanel 4.6.0 has been fixed for 4.7.0. This vulnerability allowed for remote code execution through an authenticated file upload via the Settings Panel>Import website function.HIGH8.888.5%Aug 20, 2021
CVE-2021-29010A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php in the "report_type" parameter.MEDIUM4.8Mar 25, 2021
CVE-2021-29009A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php in the "type" parameter.MEDIUM4.8Mar 25, 2021
CVE-2021-29008A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via webmaster-tools.php in the "to_time" parameter.MEDIUM4.8Mar 25, 2021
CVE-2021-28420A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via alerts.php and the "from_time" parameter.MEDIUM4.8Mar 18, 2021
CVE-2021-28419The "order_col" parameter in archive.php of SEO Panel 4.8.0 is vulnerable to time-based blind SQL injection, which leads to the ability to retrieve all databases.HIGH7.2Mar 18, 2021
CVE-2021-28418A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via settings.php and the "category" parameter.MEDIUM4.8Mar 18, 2021
CVE-2021-28417A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php and the "search_name" parameter.MEDIUM4.8Mar 18, 2021
CVE-2021-3002Seo Panel 4.8.0 allows reflected XSS via the seo/seopanel/login.php?sec=forgot email parameter.MEDIUM6.1Jan 1, 2021
CVE-2020-35930Seo Panel 4.8.0 allows stored XSS by an Authenticated User via the url parameter, as demonstrated by the seo/seopanel/websites.php URI.MEDIUM5.439.7%Dec 31, 2020
CVE-2018-14384The Website Manager module in SEO Panel 3.13.0 and earlier is affected by a stored Cross-Site Scripting (XSS) vulnerability, allowing remote authenticated attackers to inject arbitrary web script or HTML via the websites.php name parameter.MEDIUM4.851.6%Mar 2, 2020
CVE-2017-10839SQL injection vulnerability in the SEO Panel prior to version 3.11.0 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors.NONE60.7%Aug 29, 2017