Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
centos vulnerabilities and exploits
(subscribe to this query)
436
VMScore
CVE-2007-6283
Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named.
Redhat Enterprise Linux 5.0
Fedoraproject Fedora Core
Oracle Linux 5.0
Centos Centos 5
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux For Ibm Z Systems 5.0 S390x
Redhat Enterprise Linux For Power Big Endian 5.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 5.0
855
VMScore
CVE-2019-13359
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, a cwpsrv-xxx cookie allows a normal user to craft and upload a session file to the /tmp directory, and use it to become the root user.
Control-webpanel Webpanel 0.9.8.836
1 EDB exploit
755
VMScore
CVE-2019-13360
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, remote attackers can bypass authentication in the login process by leveraging knowledge of a valid username.
Control-webpanel Webpanel 0.9.8.836
1 EDB exploit
505
VMScore
CVE-2019-13383
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, the Login process allows malicious users to check whether a username is valid by reading the HTTP response.
Control-webpanel Webpanel 0.9.8.836
1 EDB exploit
655
VMScore
CVE-2019-13605
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.838 to 0.9.8.846, remote attackers can bypass authentication in the login process by leveraging the knowledge of a valid username. The attacker must defeat an encoding that is not equivalent to base64, and thus this is diffe...
Control-webpanel Webpanel 0.9.8.836
1 EDB exploit
355
VMScore
CVE-2019-7646
CentOS-WebPanel.com (aka CWP) CentOS Web Panel up to and including 0.9.8.763 is vulnerable to Stored/Persistent XSS for the "Package Name" field via the add_package module parameter.
Control-webpanel Webpanel
1 EDB exploit
1 Github repository
685
VMScore
CVE-2018-18773
CentOS-WebPanel.com (aka CWP) CentOS Web Panel up to and including 0.9.8.740 allows CSRF via admin/index.php?module=rootpwd, as demonstrated by changing the root password.
Control-webpanel Webpanel
1 EDB exploit
435
VMScore
CVE-2018-18774
CentOS-WebPanel.com (aka CWP) CentOS Web Panel up to and including 0.9.8.740 allows XSS via the admin/index.php module parameter.
Control-webpanel Webpanel
1 EDB exploit
685
VMScore
CVE-2018-18772
CentOS-WebPanel.com (aka CWP) CentOS Web Panel up to and including 0.9.8.740 allows CSRF via admin/index.php?module=send_ssh, as demonstrated by executing an arbitrary OS command.
Control-webpanel Webpanel
1 EDB exploit
755
VMScore
CVE-2018-18322
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Command Injection via shell metacharacters in the admin/index.php service_start, service_restart, service_fullstatus, or service_stop parameter.
Control-webpanel Webpanel 0.9.8.480
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »