4 matches found
CentOS Web Panel Cross-Site Scripting Vulnerability (CNVD-2019-40075)
CentOS Web Panel CWP is a free web-hosting control panel that makes it easy to manage multiple servers without having to access the server via SSH for every little task that needs to be done. A cross-site scripting vulnerability exists in the domain parameters of CentOS Web Panel 0.9.8.837. An...
CentOS Web Panel Cross-Site Request Forgery Vulnerability (CNVD-2019-40074)
CentOS Web Panel CWP is a free web-hosting control panel that makes it easy to manage multiple servers without having to access the server via SSH for every little task that needs to be done. A cross-site request forgery vulnerability exists in the "Forgot Password" feature in CentOS Web Panel...
CVE-2019-13477
In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.837, CSRF in the forgot password function allows an attacker to change the password for the root account...
PT-2019-4344 · Centos · Centos Web Panel
Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version 0.9.8.837 Description: The issue is related to a lack of protection for the web page structure, allowing a low-privilege user to achieve root access via the email list page. This can be exploited by a remote attacker ...