Seopanel CVE - OpenCVE

Filtered by vendor Seopanel Subscribe

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 11 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-28420	1 Seopanel	1 Seo Panel	2021-12-03	3.5 LOW	4.8 MEDIUM
A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via alerts.php and the "from_time" parameter.
CVE-2021-28418	1 Seopanel	1 Seo Panel	2021-12-03	3.5 LOW	4.8 MEDIUM
A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via settings.php and the "category" parameter.
CVE-2021-28417	1 Seopanel	1 Seo Panel	2021-12-03	3.5 LOW	4.8 MEDIUM
A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php and the "search_name" parameter.
CVE-2021-39413	1 Seopanel	1 Seo Panel	2021-11-08	4.3 MEDIUM	6.1 MEDIUM
Multiple Cross Site Scripting (XSS) vulnerabilities exits in SEO Panel v4.8.0 via the (1) to_time parameter in (a) backlinks.php, (b) analytics.php, (c) log.php, (d) overview.php, (e) pagespeed.php, (f) rank.php, (g) review.php, (h) saturationchecker.php, (i) social_media.php, and (j) reports.php; the (2) from_time parameter in (a) backlinks.php, (b) analytics.php, (c) log.php, (d) overview.php, (e) pagespeed.php, (f) rank.php, (g) review.php, (h) saturationchecker.php, (i) social_media.php, (j) webmaster-tools.php, and (k) reports.php; the (3) order_col parameter in (a) analytics.php, (b) review.php, (c) social_media.php, and (d) webmaster-tools.php; and the (4) pageno parameter in (a) alerts.php, (b) log.php, (c) keywords.php, (d) proxy.php, (e) searchengine.php, and (f) siteauditor.php.
CVE-2021-29009	1 Seopanel	1 Seo Panel	2021-03-26	3.5 LOW	4.8 MEDIUM
A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php in the "type" parameter.
CVE-2021-29008	1 Seopanel	1 Seo Panel	2021-03-26	3.5 LOW	4.8 MEDIUM
A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via webmaster-tools.php in the "to_time" parameter.
CVE-2021-29010	1 Seopanel	1 Seo Panel	2021-03-26	3.5 LOW	4.8 MEDIUM
A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php in the "report_type" parameter.
CVE-2020-35930	1 Seopanel	1 Seo Panel	2021-01-05	3.5 LOW	5.4 MEDIUM
Seo Panel 4.8.0 allows stored XSS by an Authenticated User via the url parameter, as demonstrated by the seo/seopanel/websites.php URI.
CVE-2021-3002	1 Seopanel	1 Seo Panel	2021-01-05	4.3 MEDIUM	6.1 MEDIUM
Seo Panel 4.8.0 allows reflected XSS via the seo/seopanel/login.php?sec=forgot email parameter.
CVE-2018-14384	1 Seopanel	1 Seo Panel	2020-03-04	3.5 LOW	4.8 MEDIUM
The Website Manager module in SEO Panel 3.13.0 and earlier is affected by a stored Cross-Site Scripting (XSS) vulnerability, allowing remote authenticated attackers to inject arbitrary web script or HTML via the websites.php name parameter.
CVE-2017-10838	1 Seopanel	1 Seo Panel	2017-09-01	4.3 MEDIUM	6.1 MEDIUM
Cross-site scripting vulnerability in SEO Panel prior to version 3.11.0 allows an attacker to inject arbitrary web script or HTML via unspecified vectors.

Vulnerabilities (CVE)

CVSS v3 Filter

Search