5 matches found
CVE-2019-15235
CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.864 allows an attacker to get a victim's session file name from /home/USERNAME/tmp/session/sessxxxxxx, and the victim's token value from /usr/local/cwpsrv/logs/accesslog, then use them to gain access to the victim's password for the OS and...
CVE-2019-15235
CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.864 allows an attacker to get a victim's session file name from /home/USERNAME/tmp/session/sessxxxxxx, and the victim's token value from /usr/local/cwpsrv/logs/accesslog, then use them to gain access to the victim's password for the OS and...
CVE-2019-15235
The CVE-2019-15235 entry concerns CentOS Web Panel (CWP) prior to 0.9.8.864. The vulnerability lets an attacker obtain a victim’s session file name from /home/[USERNAME]/tmp/session/sess_xxxxxx and the token value from /usr/local/cwpsrv/logs/access_log, then use these to access the victim’s passw...
Control Web Panel 0.9.8.864 phpMyAdmin Password Disclosure Vulnerability
Exploit for php platform in category web applications Exploit Title : CWP Control Web Panel phpMyAdmin password access Exploit Author : Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak Vendor Homepage : https://control-webpanel.com/ Software Link : Not available, user panel only...
Control Web Panel 0.9.8.864 phpMyAdmin Password Disclosure
Exploit Title : CWP Control Web Panel phpMyAdmin password access Date : 20 Aug 2019 Exploit Author : Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak Vendor Homepage : https://control-webpanel.com/ Software Link : Not available, user panel only available for lastest version Versi...