Lucene search
K

87 matches found

Packet Storm
Packet Storm
added 2020/03/13 12:0 a.m.141 views

CentOS WebPanel 7 SQL Injection

Exploit Title: Centos WebPanel 7 - 'term' SQL Injection Google Dork: N/A Date: 2020-03-03 Exploit Author: Berke YILMAZ Vendor Homepage: http://centos-webpanel.com/ Software Link: http://centos-webpanel.com/ Version: v6 - v7 Tested on: Kali Linux - Windows 10 CVE : N/A Type: Error Based SQL...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/03/13 12:0 a.m.139 views

Centos WebPanel 7 - (term) SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Centos WebPanel 7 - 'term' SQL Injection Exploit Author: Berke YILMAZ Vendor Homepage: http://centos-webpanel.com/ Software Link: http://centos-webpanel.com/ Version: v6 - v7 Tested on: Kali Linux - Windows 10 CVE : N/A Type:...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2020/03/13 12:0 a.m.139 views

Centos WebPanel 7 - term SQL Injection

Centos WebPanel 7 - term SQL Injection Exploit Title: Centos WebPanel 7 - 'term' SQL Injection Google Dork: N/A Date: 2020-03-03 Exploit Author: Berke YILMAZ Vendor Homepage: http://centos-webpanel.com/ Software Link: http://centos-webpanel.com/ Version: v6 - v7 Tested on: Kali Linux - Windows 10...

10AI score0.14668EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/03/13 12:0 a.m.1022 views

Centos WebPanel 7 - 'term' SQL Injection

Exploit Title: Centos WebPanel 7 - 'term' SQL Injection Google Dork: N/A Date: 2020-03-03 Exploit Author: Berke YILMAZ Vendor Homepage: http://centos-webpanel.com/ Software Link: http://centos-webpanel.com/ Version: v6 - v7 Tested on: Kali Linux - Windows 10 CVE : CVE-2020-10230 Type: Error Based...

9.8CVSS9.9AI score0.14668EPSS
Exploits3
Prion
Prion
added 2019/12/17 4:15 p.m.19 views

Design/Logic Flaw

CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.864 allows an attacker to get a victim's session file name from /home/USERNAME/tmp/session/sessxxxxxx, and the victim's token value from /usr/local/cwpsrv/logs/accesslog, then use them to gain access to the victim's password for the OS and...

4CVSS6.7AI score0.01411EPSS
Exploits4References2Affected Software1
Cvelist
Cvelist
added 2019/12/17 3:25 p.m.64 views

CVE-2019-14782

CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.856 through 0.9.8.864 allows an attacker to get a victim's session file name from the /tmp directory, and the victim's token value from /usr/local/cwpsrv/logs/accesslog, then use them to make a request to extract the victim's password for the OS...

6.5AI score0.01382EPSS
Exploits3References2
CVE
CVE
added 2019/12/17 3:25 p.m.69 views

CVE-2019-14782

CVE-2019-14782 affects CentOS Web Panel (CWP) versions 0.9.8.856–0.9.8.864. The issue allows an attacker to obtain a victim’s session file name from the /tmp directory and the token value from /usr/local/cwpsrv/logs/access_log, then use those to request the victim’s password (for the OS and phpMy...

6.5CVSS6.4AI score0.01382EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2019/12/17 3:20 p.m.57 views

CVE-2019-15235

CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.864 allows an attacker to get a victim's session file name from /home/USERNAME/tmp/session/sessxxxxxx, and the victim's token value from /usr/local/cwpsrv/logs/accesslog, then use them to gain access to the victim's password for the OS and...

6.7AI score0.01411EPSS
Exploits3References2
Prion
Prion
added 2019/09/11 12:15 p.m.16 views

Design/Logic Flaw

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to edit an e-mail forwarding destination of a victim's account via an attacker account...

5CVSS7.5AI score0.04412EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2019/09/11 11:28 a.m.27 views

CVE-2019-14724

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to edit an e-mail forwarding destination of a victim's account via an attacker account...

7.5AI score0.04412EPSS
Exploits1References3
CVE
CVE
added 2019/09/11 11:28 a.m.66 views

CVE-2019-14724

CVE-2019-14724 affects CentOS Web Panel version 0.9.8.851. The vulnerability is an insecure object reference that allows an attacker with an attacker account to edit the victim’s e‑mail forwarding destination. Root cause: improper access control on the object representing the e‑mail forwarding se...

7.5CVSS7.4AI score0.04412EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2019/09/11 11:26 a.m.39 views

CVE-2019-14725

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to change the e-mail usage value of a victim account via an attacker account...

4.6AI score0.01469EPSS
Exploits1References3
CVE
CVE
added 2019/09/11 11:26 a.m.57 views

CVE-2019-14725

CVE-2019-14725 affects CentOS Web Panel 0.9.8.851. Affected component is an insecure object reference that lets an attacker with an account modify the email usage value of another victim’s account. The root cause is inadequate access control on object references, enabling privilege escalation wit...

4.3CVSS4.6AI score0.01469EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2019/09/10 4:15 p.m.24 views

CVE-2019-14728

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to add an e-mail forwarding destination to a victim's account via an attacker account...

4.3CVSS4.6AI score0.015EPSS
Exploits1References3
NVD
NVD
added 2019/09/10 4:15 p.m.28 views

CVE-2019-14730

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a domain from a victim's account via an attacker account...

4.3CVSS4.6AI score0.015EPSS
Exploits1References3
NVD
NVD
added 2019/09/10 4:15 p.m.16 views

CVE-2019-14721

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to remove a target user from phpMyAdmin via an attacker account...

6.5CVSS6.4AI score0.01787EPSS
Exploits2References3
Prion
Prion
added 2019/09/10 4:15 p.m.17 views

Design/Logic Flaw

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to add an e-mail forwarding destination to a victim's account via an attacker account...

4CVSS4.6AI score0.015EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2019/09/10 3:23 p.m.50 views

CVE-2019-14730

CVE-2019-14730 affects CentOS Web Panel 0.9.8.851. The vulnerability is an insecure object reference that allows an attacker with an account to delete a domain from another user’s account. Root cause: insufficient access control around domain management/object references. Impact: unauthorized dom...

4.3CVSS4.6AI score0.015EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2019/09/10 3:19 p.m.56 views

CVE-2019-14726

CVE-2019-14726 affects CentOS Web Panel 0.9.8.851. The issue is an insecure object reference that allows an attacker with an attacker account to access and delete DNS records belonging to a victim’s account. Root cause appears to be insufficient access validation for DNS management objects. Repor...

6.5CVSS5.5AI score0.01333EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2019/09/10 3:16 p.m.53 views

CVE-2019-14723

CVE-2019-14723 affects CentOS Web Panel 0.9.8.851 (CWP). The flaw is an insecure object reference that lets an attacker with an attacker account delete a victim’s e-mail account. Root cause is insufficient access control/object reference handling within the CWP email management flow. Documented i...

4.3CVSS4.6AI score0.015EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder