Every CVE whose affected-product data names Seopanel Seo Panel, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (22)
CVE-2017-10839 — CVSS 8.8 (high): SQL injection vulnerability in the SEO Panel prior to version 3.11.0 allows authenticated attackers to execute arbitrary SQL commands via…
CVE-2025-29451 — CVSS 7.6 (high): An issue in Seo Panel 4.11.0 allows a remote attacker to obtain sensitive information via the Mail Setting component.
CVE-2025-29452 — CVSS 7.6 (high): An issue in Seo Panel 4.11.0 allows a remote attacker to obtain sensitive information via the Proxy Manager component.
CVE-2021-34117 — CVSS 7.5 (high): SQL Injection vulnerability in SEO Panel 4.9.0 in api/user.api.php in function getUserName in the username parameter, allows attackers to…
CVE-2021-28419 — CVSS 7.2 (high): The "order_col" parameter in archive.php of SEO Panel 4.8.0 is vulnerable to time-based blind SQL injection, which leads to the ability to…
CVE-2024-22643 — CVSS 6.5 (medium): A Cross-Site Request Forgery (CSRF) vulnerability in SEO Panel version 4.10.0 allows remote attackers to perform unauthorized user password…
CVE-2021-39413 — CVSS 6.1 (medium): Multiple Cross Site Scripting (XSS) vulnerabilities exits in SEO Panel v4.8.0 via the (1) to_time parameter in (a) backlinks.php, (b)…
CVE-2017-10838 — CVSS 6.1 (medium): Cross-site scripting vulnerability in SEO Panel prior to version 3.11.0 allows an attacker to inject arbitrary web script or HTML via…
CVE-2020-35930 — CVSS 5.4 (medium): Seo Panel 4.8.0 allows stored XSS by an Authenticated User via the url parameter, as demonstrated by the seo/seopanel/websites.php URI.
CVE-2024-22647 — CVSS 5.3 (medium): An user enumeration vulnerability was found in SEO Panel 4.10.0. This issue occurs during user authentication, where a difference in error…
CVE-2024-22646 — CVSS 5.3 (medium): An email address enumeration vulnerability exists in the password reset function of SEO Panel version 4.10.0. This allows an attacker to…
CVE-2024-22648 — CVSS 5.3 (medium): A Blind SSRF vulnerability exists in the "Crawl Meta Data" functionality of SEO Panel version 4.10.0. This makes it possible for remote…
CVE-2021-29009 — CVSS 4.8 (medium): A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php in the "type" parameter.
CVE-2018-14384 — CVSS 4.8 (medium): The Website Manager module in SEO Panel 3.13.0 and earlier is affected by a stored Cross-Site Scripting (XSS) vulnerability, allowing…
CVE-2021-28417 — CVSS 4.8 (medium): A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php and the "search_name"…
CVE-2021-28418 — CVSS 4.8 (medium): A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via settings.php and the "category"…
CVE-2021-28420 — CVSS 4.8 (medium): A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via alerts.php and the "from_time"…
CVE-2021-29008 — CVSS 4.8 (medium): A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via webmaster-tools.php in the "to_time"…
CVE-2021-29010 — CVSS 4.8 (medium): A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php in the "report_type"…
CVE-2014-100024 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in Seo Panel before 3.4.0 allows remote attackers to inject arbitrary web script or HTML via…
CVE-2014-1855 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel before 3.5.0 allow remote attackers to inject arbitrary web script or HTML…