Vendor
Seopanel
Products
2
CVEs
6
Across products
7
Status
Private
Products
2- 5 CVEs
- 2 CVEs
Recent CVEs
6| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-10839 | Hig | 0.57 | 8.8 | 0.00 | Aug 29, 2017 | SQL injection vulnerability in the SEO Panel prior to version 3.11.0 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | |
| CVE-2017-10838 | Med | 0.40 | 6.1 | 0.00 | Aug 29, 2017 | Cross-site scripting vulnerability in SEO Panel prior to version 3.11.0 allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | |
| CVE-2021-47872 | Hig | 0.39 | 7.1 | 0.00 | Jan 21, 2026 | SEO Panel versions prior to 4.9.0 contain a blind SQL injection vulnerability in the archive.php page that allows authenticated attackers to manipulate database queries through the 'order_col' parameter. Attackers can use sqlmap to exploit the vulnerability and extract database information by injecting malicious SQL code into the order column parameter. | |
| CVE-2010-4331 | 0.03 | — | 0.02 | Jan 20, 2011 | Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel 2.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) default_news or (2) sponsors cookies, which are not properly handled by (a) controllers/index.ctrl.php or (b) controllers/settings.ctrl.php. | ||
| CVE-2014-100024 | 0.00 | — | 0.00 | Jan 13, 2015 | Cross-site scripting (XSS) vulnerability in Seo Panel before 3.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||
| CVE-2014-1855 | 0.00 | — | 0.00 | May 20, 2014 | Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel before 3.5.0 allow remote attackers to inject arbitrary web script or HTML via the (1) capcheck parameter to directories.php or (2) keyword parameter to proxy.php. |