PT-2019-14030 · Centos · Centos Web Panel
Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version 0.9.8.864 Description: The issue allows an attacker to obtain a victim's session file name from /home/USERNAME/tmp/session/sess xxxxxx and the victim's token value from /usr/local/cwpsrv/logs/access log. With this...