Every CVE whose affected-product data names Softaculous Webuzo, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2024-24621 — CVSS 9.8 (critical): Softaculous Webuzo contains an authentication bypass vulnerability through the password reset functionality. Remote, anonymous attackers…
CVE-2024-24622 — CVSS 8.8 (high): Softaculous Webuzo contains a command injection in the password reset functionality. A remote, authenticated attacker can exploit this…
CVE-2024-24623 — CVSS 8.8 (high): Softaculous Webuzo contains a command injection vulnerability in the FTP management functionality. A remote, authenticated attacker can…
CVE-2013-6041 — CVSS 7.5 (high): index.php in Softaculous Webuzo before 2.1.4 allows remote attackers to execute arbitrary commands via shell metacharacters in a…
CVE-2013-6043 — CVSS 5.0 (medium): The login function in Softaculous Webuzo before 2.1.4 provides different error messages for invalid authentication attempts depending on…
CVE-2013-6042 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in filemanager/login.php in the File Manager module in Softaculous Webuzo before 2.1.4 allows…