Lucene search
K

8 matches found

CNVD
CNVD
added 2019/07/30 12:0 a.m.3 views

CentOS Web Panel Command Execution Vulnerability

CentOS Web Panel CWP is a free web hosting control panel. A security vulnerability exists in CWP version 0.9.8.846. The vulnerability can be exploited by an attacker to directly execute operating system commands with the help of a web browser...

8.8CVSS7.2AI score0.02805EPSS
Exploits3References1
CNVD
CNVD
added 2019/07/30 12:0 a.m.4 views

CentOS Web Panel Cross-Site Scripting Vulnerability

CentOS Web Panel CWP is a free web hosting control panel. A cross-site scripting vulnerability exists in the filemanager2.php file the 'fmcurrentdir' parameter in CWP version 0.9.8.846. The vulnerability stems from a lack of proper validation of client data by the WEB application. An attacker can...

6.1CVSS6.4AI score0.02176EPSS
Exploits3References1
Positive Technologies
Positive Technologies
added 2019/07/26 12:0 a.m.4 views

PT-2019-13306 · Centos · Centos Web Panel

Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version 0.9.8.846 Description: The issue allows attackers to steal a cookie or session, or redirect to a phishing website through Reflected XSS in the filemanager2.php file, specifically targeting the fm current dir parameter...

6.1CVSS6AI score0.02176EPSS
Exploits3References5
Positive Technologies
Positive Technologies
added 2019/07/26 12:0 a.m.5 views

PT-2019-13305 · Centos · Centos Web Panel

Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version 0.9.8.846 Description: A hidden feature in the filemanager2.php file allows attackers to execute shell commands, potentially obtaining a reverse shell with user privileges. Recommendations: For version 0.9.8.846,...

8.8CVSS8.7AI score0.02805EPSS
Exploits3References4
CNVD
CNVD
added 2019/07/18 12:0 a.m.1 views

CentOS Web Panel Authentication Bypass Vulnerability

CentOS Web Panel CWP is a free web hosting control panel. A security vulnerability exists in CWP versions 0.9.8.838 through 0.9.8.846. During login, a remote attacker can exploit this vulnerability to bypass authentication with the help of a valid username...

8.8CVSS7.1AI score0.15307EPSS
Exploits5References1
CNVD
CNVD
added 2019/07/18 12:0 a.m.4 views

CentOS Web Panel Information Disclosure Vulnerability

CentOS Web Panel CWP is a free web hosting control panel. A security vulnerability exists in CWP version 0.9.8.846. An attacker can exploit the vulnerability by reading the HTTP response to check for a valid username...

5.3CVSS6.9AI score0.14241EPSS
Exploits5References1
OSV
OSV
added 2019/07/16 5:15 p.m.6 views

CVE-2019-13383

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.846, the Login process allows attackers to check whether a username is valid by reading the HTTP response...

5.3CVSS6.3AI score0.14241EPSS
Exploits5References3
exploitpack
exploitpack
added 2019/07/16 12:0 a.m.32 views

CentOS Control Web Panel 0.9.8.836 - Authentication Bypass

CentOS Control Web Panel 0.9.8.836 - Authentication Bypass Exploit Title: CWP CentOS Control Web Panel ||//...

7.5CVSS0.9AI score0.2445EPSS
Exploits6
Rows per page
Query Builder