VYPR

Ehcp

by EHCP

CVEs (5)

  • CVE-2018-6619HigMay 11, 2018
    risk 0.51cvss 7.8epss 0.00

    Easy Hosting Control Panel (EHCP) v0.37.12.b makes it easier for attackers to crack database passwords by leveraging use of a weak hashing algorithm without a salt.

  • CVE-2025-50927MedAug 8, 2025
    risk 0.41cvss 6.3epss 0.00

    A reflected cross-site scripting (XSS) vulnerability in the List All FTP User Function in EHCP v20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via injecting a crafted payload into the ftpusername parameter.

  • CVE-2025-50859MedAug 22, 2025
    risk 0.40cvss 6.1epss 0.00

    Reflected Cross-Site Scripting in the Change Template function in Easy Hosting Control Panel (EHCP) 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the template parameter.

  • CVE-2025-50858MedAug 22, 2025
    risk 0.40cvss 6.1epss 0.00

    Reflected Cross-Site Scripting in the List MySQL Databases function in Easy Hosting Control Panel (EHCP) 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the action parameter.

  • CVE-2025-50860MedAug 21, 2025
    risk 0.35cvss 5.4epss 0.00

    SQL Injection in the listdomains function in Easy Hosting Control Panel (EHCP) 20.04.1.b allows authenticated attackers to access or manipulate database contents via the arananalan POST parameter.