2 matches found
CVE-2019-10893
CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.793 Free/Open Source Version and 0.9.8.753 Pro is vulnerable to Stored/Persistent XSS for Admin Email fields on the "CWP Settings "Edit Settings" screen. By changing the email ID to any XSS Payload and clicking on Save Changes, the XSS Payload wi...
CentOS Web Panel Cross-Site Scripting Vulnerability (CNVD-2019-12907)
CentOS Web Panel CWP is a free web hosting control panel. A cross-site scripting vulnerability exists in the email field in CWP versions 0.9.8.793 Free and 0.9.8.753 Pro, which stems from the lack of proper validation of client-side data by the WEB application. An attacker could exploit this...