Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

centos-webpanel vulnerabilities and exploits

(subscribe to this query)
10
CVSSv2
CVE-2020-15609
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_dashboard.php. When parsing the service_s...
Centos-webpanel Centos Web Panel 17.0.9.8.923
5.5
CVSSv2
CVE-2019-14245
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an malicious user to delete databases (such as oauthv2) from the server via an attacker account.
Centos-webpanel Centos Web Panel 0.9.8.851
4
CVSSv2
CVE-2019-14246
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an malicious user to discover phpMyAdmin passwords (of any user in /etc/passwd) via an attacker account.
Centos-webpanel Centos Web Panel 0.9.8.851
6.5
CVSSv2
CVE-2019-13386
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, a hidden action=9 feature in filemanager2.php allows malicious users to execute a shell command, i.e., obtain a reverse shell with user privilege.
Centos-webpanel Centos Web Panel 0.9.8.846
3.5
CVSSv2
CVE-2019-10893
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.793 (Free/Open Source Version) and 0.9.8.753 (Pro) is vulnerable to Stored/Persistent XSS for Admin Email fields on the "CWP Settings > "Edit Settings" screen. By changing the email ID to any XSS Payload and c...
Centos-webpanel Centos Web Panel 0.9.8.753Centos-webpanel Centos Web Panel 0.9.8.793
3.5
CVSSv2
CVE-2019-10261
CentOS Web Panel (CWP) 0.9.8.789 is vulnerable to Stored/Persistent XSS for the "Name Server 1" and "Name Server 2" fields via a "DNS Functions" "Edit Nameservers IPs" action.
Centos-webpanel Centos Web Panel 0.9.8.789
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook