Web Control Panel
Monthly
SQL injection vulnerability in xhr.php in InterWorx Web Control Panel (aka InterWorx Hosting Control Panel and InterWorx-CP) before 5.0.14 build 577 allows remote authenticated users to execute. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Cross-site scripting (XSS) vulnerability in xhr.php in InterWorx Web Control Panel (aka InterWorx Hosting Control Panel and InterWorx-CP) before 5.0.13 build 574 allows remote attackers to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
SQL injection vulnerability in xhr.php in InterWorx Web Control Panel (aka InterWorx Hosting Control Panel and InterWorx-CP) before 5.0.14 build 577 allows remote authenticated users to execute. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Cross-site scripting (XSS) vulnerability in xhr.php in InterWorx Web Control Panel (aka InterWorx Hosting Control Panel and InterWorx-CP) before 5.0.13 build 574 allows remote attackers to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.