Webpanel Security Vulnerabilities and Issues — Webpanel CVE List

Lucene search

Control-webpanelWebpanel

6 matches found

CVE•added 2019/07/16 5:15 p.m.•166 views

CVE-2019-13383

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, the Login process allows attackers to check whether a username is valid by reading the HTTP response.

5.3CVSS5.2AI score0.20738EPSS

CVE•added 2022/07/07 12:15 p.m.•48 views

CVE-2022-25047

The password reset token in CWP v0.9.8.1126 is generated using known or predictable values.

5.9CVSS5.9AI score0.0012EPSS

CVE•added 2019/05/21 6:29 p.m.•45 views

CVE-2019-12190

XSS was discovered in CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.747 via the testacc/fileManager2.php fm_current_dir or filename parameter.

5.4CVSS5.3AI score0.00206EPSS

CVE•added 2019/09/10 4:15 p.m.•41 views

CVE-2019-14729

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a sub-domain from a victim's account via an attacker account.

5.5CVSS4.6AI score0.00613EPSS

CVE•added 2019/08/21 7:15 p.m.•39 views

CVE-2019-13599

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.848, the Login process allows attackers to check whether a username is valid by comparing response times.

5.3CVSS5.2AI score0.04574EPSS

CVE•added 2019/08/21 8:15 p.m.•38 views

CVE-2019-13476

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.837, XSS in the domain parameter allows a low-privilege user to achieve root access via the email list page.

5.4CVSS5.2AI score0.00161EPSS