pkg:Bitnami/seopanel

15 total CVEsHIGH2MEDIUM13

✅ Check your installed version

All known vulnerabilities

  • HIGH7.5CVE-2021-34117SQL Injection vulnerability in SEO Panel 4.9.0 in api/user.api.php in function getUserName in the username parameter, allows attackers to g…
    >= 4.9.0, <= 4.9.0
  • HIGH7.2CVE-2021-28419The "order_col" parameter in archive.php of SEO Panel 4.8.0 is vulnerable to time-based blind SQL injection, which leads to the ability to…
    >= 4.8.0, <= 4.8.0
  • MEDIUM6.5CVE-2024-22643A Cross-Site Request Forgery (CSRF) vulnerability in SEO Panel version 4.10.0 allows remote attackers to perform unauthorized user password…
    >= 4.10.0, <= 4.10.0
  • MEDIUM6.1CVE-2021-3002Seo Panel 4.8.0 allows reflected XSS via the seo/seopanel/login.php?sec=forgot email parameter.
    >= 4.8.0, <= 4.8.0
  • MEDIUM6.1CVE-2021-39413Multiple Cross Site Scripting (XSS) vulnerabilities exits in SEO Panel v4.8.0 via the (1) to_time parameter in (a) backlinks.php, (b) analy…
    >= 4.8.0, <= 4.8.0
  • MEDIUM5.4CVE-2020-35930Seo Panel 4.8.0 allows stored XSS by an Authenticated User via the url parameter, as demonstrated by the seo/seopanel/websites.php URI.
    >= 4.8.0, <= 4.8.0
  • MEDIUM5.3CVE-2024-22646An email address enumeration vulnerability exists in the password reset function of SEO Panel version 4.10.0.
    >= 4.10.0, <= 4.10.0
  • MEDIUM5.3CVE-2024-22647An user enumeration vulnerability was found in SEO Panel 4.10.0.
    >= 4.10.0, <= 4.10.0
  • MEDIUM5.3CVE-2024-22648A Blind SSRF vulnerability exists in the "Crawl Meta Data" functionality of SEO Panel version 4.10.0.
    >= 4.10.0, <= 4.10.0
  • MEDIUM4.8CVE-2021-28417A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php and the "search_name" pa…
    >= 4.8.0, <= 4.8.0
  • MEDIUM4.8CVE-2021-28418A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via settings.php and the "category" para…
    >= 4.8.0, <= 4.8.0
  • MEDIUM4.8CVE-2021-28420A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via alerts.php and the "from_time" param…
    >= 4.8.0, <= 4.8.0
  • MEDIUM4.8CVE-2021-29008A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via webmaster-tools.php in the "to_time"…
    >= 4.8.0, <= 4.8.0
  • MEDIUM4.8CVE-2021-29009A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php in the "type" parameter.
    >= 4.8.0, <= 4.8.0
  • MEDIUM4.8CVE-2021-29010A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php in the "report_type" par…
    >= 4.8.0, <= 4.8.0