4 matches found
CVE-2019-13477
In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.837, CSRF in the forgot password function allows an attacker to change the password for the root account...
CentOS 7.6.1810 Control Web Panel 0.9.8.837 Cross Site Request Forgery
Cross-Site Request Forgery CSRF ==================================================================== Information ==================================================================== Product : CWP Control Web Panel version : 0.9.8.837 Fixed on : 0.9.8.851 Test on : CentOS 7.6.1810 Core Reference :...
CVE-2019-13477
In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.837, CSRF in the forgot password function allows an attacker to change the password for the root account...
CVE-2019-13477
CWP Control Web Panel version 0.9.8.837 is affected by a Cross-Site Request Forgery (CSRF) vulnerability in the Forgot Password feature, enabling an attacker to change the root password. Root cause: CSRF in the forgot-password flow exposes account password changes to unauthorized requests. Impact...