CVE-2026-34216 | Ctrlpanel-gg panel up to 1.1.x Admin Settings Update Endpoint update settings_class externally-controlled input to select classes or code

Inserito da Angelo Barbosa | Mag 19, 2026 | CVE

A vulnerability was found in Ctrlpanel-gg panel up to 1.1.x. It has been rated as problematic. This affects the function update of the component Admin Settings Update Endpoint. This manipulation of the argument settings_class causes use of externally-controlled input to select classes or code.

This vulnerability is registered as CVE-2026-34216. Remote exploitation of the attack is possible. No exploit is available.

Upgrading the affected component is advised.

CVE-2026-34216 | Ctrlpanel-gg panel up to 1.1.x Admin Settings Update Endpoint update settings_class externally-controlled input to select classes or code

Post correlati

CVE-2024-45818 | Xen VGA deadlock

CVE-2026-1705 | D-Link DSL-6641K N8.TR069.20131126 Web Interface ad_virtual_server_vdsl Name cross site scripting

CVE-2025-49484 | joomsky JS Jobs Component up to 1.4.1 on Joomla cvid sql injection

CVE-2024-37428 | Themesgrove WidgetKit Plugin up to 2.5.0 on WordPress cross site scripting