Lucene search
+L

4 matches found

Prion
Prion
added 2019/12/17 4:15 p.m.19 views

Design/Logic Flaw

CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.864 allows an attacker to get a victim's session file name from /home/USERNAME/tmp/session/sessxxxxxx, and the victim's token value from /usr/local/cwpsrv/logs/accesslog, then use them to gain access to the victim's password for the OS and...

4CVSS6.7AI score0.01411EPSS
Exploits4References2Affected Software1
CVE
CVE
added 2019/12/17 3:25 p.m.70 views

CVE-2019-14782

CVE-2019-14782 affects CentOS Web Panel (CWP) versions 0.9.8.856–0.9.8.864. The issue allows an attacker to obtain a victim’s session file name from the /tmp directory and the token value from /usr/local/cwpsrv/logs/access_log, then use those to request the victim’s password (for the OS and phpMy...

6.5CVSS6.4AI score0.01382EPSS
Exploits3References2Affected Software1
0day.today
0day.today
added 2019/12/17 12:0 a.m.128 views

Control Web Panel 0.9.8.864 phpMyAdmin Password Disclosure Vulnerability

Exploit for php platform in category web applications Exploit Title : CWP Control Web Panel phpMyAdmin password access Exploit Author : Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak Vendor Homepage : https://control-webpanel.com/ Software Link : Not available, user panel only...

6.6AI score0.01411EPSS
Exploits4
Packet Storm
Packet Storm
added 2019/12/16 12:0 a.m.171 views

Control Web Panel 0.9.8.864 phpMyAdmin Password Disclosure

Exploit Title : CWP Control Web Panel phpMyAdmin password access Date : 20 Aug 2019 Exploit Author : Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak Vendor Homepage : https://control-webpanel.com/ Software Link : Not available, user panel only available for lastest version Versi...

6.5AI score0.01411EPSS
Exploits4
Rows per page
Query Builder