Vulnerabilities in Ctrlpanel-gg
7 resultsCVE-2026-34234CRITICALCtrlPanel: Unauthenticated RCE using installer scriptEPSS 0.8%CVE-2026-34216MEDIUMCtrlPanel: Authenticated Remote Code Execution via Dynamic Class Instantiation in SettingsController.phpEPSS 0.5%CVE-2025-25203HIGHCtrlpanel has stored XSS vulnerability in TicketsController priority fieldEPSS 0.4%CVE-2026-34241HIGHCtrlPanel: Stored XSS in Ticket Reply Notifications Allows Session HijackingEPSS 0.3%CVE-2026-34358HIGHCtrlPanel: Missing Authorization on Admin Write Endpoints Allows RBAC BypassEPSS 0.3%CVE-2026-34233MEDIUMCtrlPanel has Missing Authentication Checks in Datatable Admin EndpointsEPSS 0.3%CVE-2026-34246MEDIUMCtrlPanel: Stored XSS in Admin Role Management via Unescaped DataTable HTML OutputEPSS 0.2%