Ehcp: >> Easy Hosting Control Panel >> 20.04.1.b Security Vulnerabilities
Reflected Cross-Site Scripting in the List MySQL Databases function in Easy Hosting Control Panel (EHCP) 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the action parameter.
CVSS Score
6.1
EPSS Score
0.001
Published
2025-08-22
Reflected Cross-Site Scripting in the Change Template function in Easy Hosting Control Panel (EHCP) 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the template parameter.
CVSS Score
6.1
EPSS Score
0.001
Published
2025-08-22
SQL Injection in the listdomains function in Easy Hosting Control Panel (EHCP) 20.04.1.b allows authenticated attackers to access or manipulate database contents via the arananalan POST parameter.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-08-21
Easy Hosting Control Panel EHCP v20.04.1.b was discovered to contain a SQL injection vulnerability via the id parameter in the List All Email Addresses function.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-08-19
Easy Hosting Control Panel EHCP v20.04.1.b was discovered to contain a SQL injection vulnerability via the id parameter in the Change Settings function.
CVSS Score
4.8
EPSS Score
0.0
Published
2025-08-08
A reflected cross-site scripting (XSS) vulnerability in the List All FTP User Function in EHCP v20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via injecting a crafted payload into the ftpusername parameter.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-08-08