Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Bittacora Subscribe
Filtered by product Bpanel
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-28657 1 Bittacora 1 Bpanel 2021-03-04 7.5 HIGH 9.8 CRITICAL
In bPanel 2.0, the administrative ajax endpoints (aka ajax/aj_*.php) are accessible without authentication and allow SQL injections, which could lead to platform compromise.