Unrated severityNVD Advisory· Published Jan 20, 2011· Updated Apr 29, 2026

CVE-2010-4331

Description

Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel 2.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) default_news or (2) sponsors cookies, which are not properly handled by (a) controllers/index.ctrl.php or (b) controllers/settings.ctrl.php.

Affected products

Seopanel/Seopanel
cpe:2.3:a:seopanel:seopanel:2.2.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/16000nvdExploit
www.uncompiled.com/2011/01/seo-panel-cookie-rendered-persistent-xss-vulnerability-cve-2010-4331/nvdExploit
www.securityfocus.com/archive/1/515768/100/0/threadednvd
www.securityfocus.com/bid/45828nvd
exchange.xforce.ibmcloud.com/vulnerabilities/64725nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000