VYPR

CtrlPanel

by Ctrlpanel Gg

Source repositories

CVEs (3)

  • CVE-2026-34234CriMay 19, 2026
    risk 0.65cvss 10.0epss 0.01

    CtrlPanel is open-source billing software for hosting providers. In versions 1.1.1 and prior, the web-based installer (public/installer/index.php) is vulnerable to unauthenticated Remote Code Execution (RCE) because it performs the install.lock check only after including and…

  • CVE-2025-25203HigFeb 11, 2025
    risk 0.46cvss 8.1epss 0.00

    CtrlPanel is open-source billing software for hosting providers. Prior to version 1.0, a Cross-Site Scripting (XSS) vulnerability exists in the `TicketsController` and `Moderation/TicketsController` due to insufficient input validation on the `priority` field during ticket…

  • CVE-2026-34233MedMay 19, 2026
    risk 0.42cvss 6.5epss 0.00

    CtrlPanel is open-source billing software for hosting providers. In versions 1.1.1 and prior, multiple admin controllers expose DataTable endpoints without authorization checks, allowing any authenticated user to access sensitive administrative data that should be restricted to…