VYPR

WEB control panel

by ClonOS

CVEs (3)

  • CVE-2019-18418CriOct 24, 2019
    risk 0.67cvss 9.8epss 0.04

    clonos.php in ClonOS WEB control panel 19.09 allows remote attackers to gain full access via change password requests because there is no session management.

  • CVE-2019-18419MedOct 24, 2019
    risk 0.40cvss 6.1epss 0.01

    A cross-site scripting (XSS) vulnerability in index.php in ClonOS WEB control panel 19.09 allows remote attackers to inject arbitrary web script or HTML via the lang parameter.

  • CVE-2019-15571CriAug 26, 2019
    risk 0.00cvss 9.8epss 0.01

    The WEB control panel before 2019-04-30 for ClonOS allows SQL injection in clonos.php.