VYPR
Vendor

Easy Hosting Control Panel

Products
2
CVEs
7
Across products
7
Status
Private

Products

2

Recent CVEs

7
  • CVE-2018-6361MedMay 11, 2018
    risk 0.43cvss 6.1epss 0.40

    Easy Hosting Control Panel (EHCP) v0.37.12.b has XSS via the op parameter, as demonstrated by adding a backdoor FTP account.

  • CVE-2025-50926MedAug 19, 2025
    risk 0.42cvss 6.5epss 0.00

    Easy Hosting Control Panel EHCP v20.04.1.b was discovered to contain a SQL injection vulnerability via the id parameter in the List All Email Addresses function.

  • CVE-2025-50859MedAug 22, 2025
    risk 0.40cvss 6.1epss 0.00

    Reflected Cross-Site Scripting in the Change Template function in Easy Hosting Control Panel (EHCP) 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the template parameter.

  • CVE-2025-50858MedAug 22, 2025
    risk 0.40cvss 6.1epss 0.00

    Reflected Cross-Site Scripting in the List MySQL Databases function in Easy Hosting Control Panel (EHCP) 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the action parameter.

  • CVE-2025-50860MedAug 21, 2025
    risk 0.35cvss 5.4epss 0.00

    SQL Injection in the listdomains function in Easy Hosting Control Panel (EHCP) 20.04.1.b allows authenticated attackers to access or manipulate database contents via the arananalan POST parameter.

  • CVE-2025-50928MedAug 8, 2025
    risk 0.31cvss 4.8epss 0.00

    Easy Hosting Control Panel EHCP v20.04.1.b was discovered to contain a SQL injection vulnerability via the id parameter in the Change Settings function.

  • CVE-2007-6178Nov 30, 2007
    risk 0.03cvss epss 0.02

    Multiple PHP remote file inclusion vulnerabilities in Easy Hosting Control Panel for Ubuntu (EHCP) 0.22.8 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the confdir parameter to (1) dbutil.bck.php and (2) dbutil.php in config/.