Approved changes feed: RSS · Atom

cpe:2.3:a:cyberpower:powerpanel:*:*:*:*:enterprise:windows:*:*

part: a version: * update: *

VendorCyberpower (2a62c9be-26e1-571c-92ea-27ab54316d46)
ProductPowerpanel (92695e17-3806-556b-898b-a5df47f3cfcd)
Edition*
Language*
Software editionenterprise
Target softwarewindows
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/nathanvaughn/powerpanel-business-docker purl2cpe 2026-06-01 10:16:33.646518

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-32739 vulnerable 2026-06-08 06:37:23.751621 CyberPower PowerPanel Enterprise SQL Injection
HIGH (7.5)
A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "query_ptask_verbose" function within MCUDBHelper.
Published: 2024-05-09T14:58:30.263Z
Updated: 2025-03-28T19:02:37.662Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-32738 vulnerable 2026-06-08 06:37:23.751234 CyberPower PowerPanel Enterprise SQL Injection
HIGH (7.5)
A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "query_ptask_lean" function within MCUDBHelper.
Published: 2024-05-09T14:58:13.209Z
Updated: 2024-08-02T02:20:35.332Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-32737 vulnerable 2026-06-08 06:37:23.750717 CyberPower PowerPanel Enterprise SQL Injection
HIGH (7.5)
A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "query_contract_result" function within MCUDBHelper.
Published: 2024-05-09T14:57:57.579Z
Updated: 2024-08-02T02:20:35.316Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-32736 vulnerable 2026-06-08 06:37:23.750195 CyberPower PowerPanel Enterprise SQL Injection
HIGH (7.5)
A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "query_utask_verbose" function within MCUDBHelper.
Published: 2024-05-09T14:57:38.850Z
Updated: 2025-03-25T18:10:55.407Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-32735 vulnerable 2026-06-08 06:37:23.749680 CyberPower PowerPanel Enterprise Missing Authentication
CRITICAL (9.8)
An issue regarding missing authentication for certain utilities exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can access the PDNU REST APIs, which may result in compromise of the application.
Published: 2024-05-09T14:54:45.407Z
Updated: 2024-08-02T02:20:35.343Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.