Webpanel@0.9.8.836 Security Vulnerabilities and Issues — Webpanel@0.9.8.836 CVE List

Lucene search

Control-webpanelWebpanel0.9.8.836

4 matches found

CVE•added 2019/07/16 6:15 p.m.•223 views

CVE-2019-13359

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, a cwpsrv-xxx cookie allows a normal user to craft and upload a session file to the /tmp directory, and use it to become the root user.

8.5CVSS7.5AI score0.29151EPSS

CVE•added 2019/07/16 5:15 p.m.•170 views

CVE-2019-13605

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.838 to 0.9.8.846, remote attackers can bypass authentication in the login process by leveraging the knowledge of a valid username. The attacker must defeat an encoding that is not equivalent to base64, and thus this is different from CVE-2019-...

8.8CVSS9.2AI score0.27295EPSS

CVE•added 2019/07/16 5:15 p.m.•166 views

CVE-2019-13383

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, the Login process allows attackers to check whether a username is valid by reading the HTTP response.

5.3CVSS5.2AI score0.20738EPSS

CVE•added 2019/07/16 5:15 p.m.•157 views

CVE-2019-13360

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, remote attackers can bypass authentication in the login process by leveraging knowledge of a valid username.

9.8CVSS9.2AI score0.27295EPSS