Lucene search
Control-webpanelWebpanel
3 matches found
CVE-2022-25046
A path traversal vulnerability in loader.php of CWP v0.9.8.1122 allows attackers to execute arbitrary code via a crafted POST request.
10CVSS9.4AI score0.01345EPSS
CVE-2022-25048
Command injection vulnerability in CWP v0.9.8.1126 that allows normal users to run commands as the root user.
9CVSS8.8AI score0.27534EPSS
CVE-2022-25047
The password reset token in CWP v0.9.8.1126 is generated using known or predictable values.
5.9CVSS5.9AI score0.0012EPSS