Easy Hosting Control Panel
Products
2- 4 CVEs
- 3 CVEs
Recent CVEs
7| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-6361 | Med | 0.43 | 6.1 | 0.40 | May 11, 2018 | Easy Hosting Control Panel (EHCP) v0.37.12.b has XSS via the op parameter, as demonstrated by adding a backdoor FTP account. | ||
| CVE-2025-50926 | Med | 0.42 | 6.5 | 0.00 | Aug 19, 2025 | Easy Hosting Control Panel EHCP v20.04.1.b was discovered to contain a SQL injection vulnerability via the id parameter in the List All Email Addresses function. | ||
| CVE-2025-50859 | Med | 0.40 | 6.1 | 0.00 | Aug 22, 2025 | Reflected Cross-Site Scripting in the Change Template function in Easy Hosting Control Panel (EHCP) 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the template parameter. | ||
| CVE-2025-50858 | Med | 0.40 | 6.1 | 0.00 | Aug 22, 2025 | Reflected Cross-Site Scripting in the List MySQL Databases function in Easy Hosting Control Panel (EHCP) 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the action parameter. | ||
| CVE-2025-50860 | Med | 0.35 | 5.4 | 0.00 | Aug 21, 2025 | SQL Injection in the listdomains function in Easy Hosting Control Panel (EHCP) 20.04.1.b allows authenticated attackers to access or manipulate database contents via the arananalan POST parameter. | ||
| CVE-2025-50928 | Med | 0.31 | 4.8 | 0.00 | Aug 8, 2025 | Easy Hosting Control Panel EHCP v20.04.1.b was discovered to contain a SQL injection vulnerability via the id parameter in the Change Settings function. | ||
| CVE-2007-6178 | 0.03 | — | 0.02 | Nov 30, 2007 | Multiple PHP remote file inclusion vulnerabilities in Easy Hosting Control Panel for Ubuntu (EHCP) 0.22.8 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the confdir parameter to (1) dbutil.bck.php and (2) dbutil.php in config/. |
- risk 0.43cvss 6.1epss 0.40
Easy Hosting Control Panel (EHCP) v0.37.12.b has XSS via the op parameter, as demonstrated by adding a backdoor FTP account.
- risk 0.42cvss 6.5epss 0.00
Easy Hosting Control Panel EHCP v20.04.1.b was discovered to contain a SQL injection vulnerability via the id parameter in the List All Email Addresses function.
- risk 0.40cvss 6.1epss 0.00
Reflected Cross-Site Scripting in the Change Template function in Easy Hosting Control Panel (EHCP) 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the template parameter.
- risk 0.40cvss 6.1epss 0.00
Reflected Cross-Site Scripting in the List MySQL Databases function in Easy Hosting Control Panel (EHCP) 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the action parameter.
- risk 0.35cvss 5.4epss 0.00
SQL Injection in the listdomains function in Easy Hosting Control Panel (EHCP) 20.04.1.b allows authenticated attackers to access or manipulate database contents via the arananalan POST parameter.
- risk 0.31cvss 4.8epss 0.00
Easy Hosting Control Panel EHCP v20.04.1.b was discovered to contain a SQL injection vulnerability via the id parameter in the Change Settings function.
- CVE-2007-6178Nov 30, 2007risk 0.03cvss —epss 0.02
Multiple PHP remote file inclusion vulnerabilities in Easy Hosting Control Panel for Ubuntu (EHCP) 0.22.8 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the confdir parameter to (1) dbutil.bck.php and (2) dbutil.php in config/.