2 matches found
CVE-2019-15235
CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.864 allows an attacker to get a victim's session file name from /home/USERNAME/tmp/session/sessxxxxxx, and the victim's token value from /usr/local/cwpsrv/logs/accesslog, then use them to gain access to the victim's password for the OS and...
Falt4 Extreme RC4,10.9.2007 XSRF Exploit
falt4 extreme RC4,10.9.2007 cms cross site request forgery Authors:d14l and marcoj cms homepage:www.falt4.org greetz:soul,stefo,sp1r1t,stexor,stronix,invisible,kisobran,csi and others falt4 cms suffers from csrf vulnerability which allows attacket to change victim's password you need only edit si...