8 matches found
CentOS Web Panel Command Execution Vulnerability
CentOS Web Panel CWP is a free web hosting control panel. A security vulnerability exists in CWP version 0.9.8.846. The vulnerability can be exploited by an attacker to directly execute operating system commands with the help of a web browser...
CentOS Web Panel Cross-Site Scripting Vulnerability
CentOS Web Panel CWP is a free web hosting control panel. A cross-site scripting vulnerability exists in the filemanager2.php file the 'fmcurrentdir' parameter in CWP version 0.9.8.846. The vulnerability stems from a lack of proper validation of client data by the WEB application. An attacker can...
PT-2019-13306 · Centos · Centos Web Panel
Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version 0.9.8.846 Description: The issue allows attackers to steal a cookie or session, or redirect to a phishing website through Reflected XSS in the filemanager2.php file, specifically targeting the fm current dir parameter...
PT-2019-13305 · Centos · Centos Web Panel
Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version 0.9.8.846 Description: A hidden feature in the filemanager2.php file allows attackers to execute shell commands, potentially obtaining a reverse shell with user privileges. Recommendations: For version 0.9.8.846,...
CentOS Web Panel Authentication Bypass Vulnerability
CentOS Web Panel CWP is a free web hosting control panel. A security vulnerability exists in CWP versions 0.9.8.838 through 0.9.8.846. During login, a remote attacker can exploit this vulnerability to bypass authentication with the help of a valid username...
CentOS Web Panel Information Disclosure Vulnerability
CentOS Web Panel CWP is a free web hosting control panel. A security vulnerability exists in CWP version 0.9.8.846. An attacker can exploit the vulnerability by reading the HTTP response to check for a valid username...
CVE-2019-13383
In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.846, the Login process allows attackers to check whether a username is valid by reading the HTTP response...
CentOS Control Web Panel 0.9.8.836 - Authentication Bypass
CentOS Control Web Panel 0.9.8.836 - Authentication Bypass Exploit Title: CWP CentOS Control Web Panel ||//...