Softaculous Webuzo
6 CVEs affecting Softaculous Webuzo. Latest disclosed: 2024-07-25. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-24621 | Critical | 9.8 | 2024-07-25 | Softaculous Webuzo contains an authentication bypass vulnerability through the password reset functionality. Remote, anonymous attackers can exploit this vulne… |
CVE-2024-24622 | High | 8.8 | 2024-07-25 | Softaculous Webuzo contains a command injection in the password reset functionality. A remote, authenticated attacker can exploit this vulnerability to gain co… |
CVE-2024-24623 | High | 8.8 | 2024-07-25 | Softaculous Webuzo contains a command injection vulnerability in the FTP management functionality. A remote, authenticated attacker can exploit this vulnerabil… |
CVE-2013-6043 | | 2014-12-27 | The login function in Softaculous Webuzo before 2.1.4 provides different error messages for invalid authentication attempts depending on whether the user accou… | |
CVE-2013-6041 | | 2014-12-27 | index.php in Softaculous Webuzo before 2.1.4 allows remote attackers to execute arbitrary commands via shell metacharacters in a SOFTCookies sid cookie within… | |
CVE-2013-6042 | | 2013-11-19 | Cross-site scripting (XSS) vulnerability in filemanager/login.php in the File Manager module in Softaculous Webuzo before 2.1.4 allows remote attackers to inje… |