Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
centos web panel vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2019-14726
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an malicious user to access and delete DNS records of a victim's account via an attacker account.
Control-webpanel Webpanel 0.9.8.851
4
CVSSv2
CVE-2019-14727
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an malicious user to change the e-mail password of a victim account via an attacker account.
Control-webpanel Webpanel 0.9.8.851
4
CVSSv2
CVE-2019-14728
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an malicious user to add an e-mail forwarding destination to a victim's account via an attacker account.
Control-webpanel Webpanel 0.9.8.851
5.5
CVSSv2
CVE-2019-14729
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an malicious user to delete a sub-domain from a victim's account via an attacker account.
Control-webpanel Webpanel 0.9.8.851
5.5
CVSSv2
CVE-2019-14721
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an malicious user to remove a target user from phpMyAdmin via an attacker account.
Control-webpanel Webpanel 0.9.8.851
4
CVSSv2
CVE-2019-14723
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an malicious user to delete a victim's e-mail account via an attacker account.
Control-webpanel Webpanel 0.9.8.851
4
CVSSv2
CVE-2019-14730
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an malicious user to delete a domain from a victim's account via an attacker account.
Control-webpanel Webpanel 0.9.8.851
4
CVSSv2
CVE-2019-14722
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an malicious user to delete an e-mail forwarding destination from a victim's account via an attacker account.
Control-webpanel Webpanel 0.9.8.851
3.5
CVSSv2
CVE-2019-13476
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.837, XSS in the domain parameter allows a low-privilege user to achieve root access via the email list page.
Control-webpanel Webpanel 0.9.8.837
5
CVSSv2
CVE-2019-13599
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.848, the Login process allows malicious users to check whether a username is valid by comparing response times.
Control-webpanel Webpanel 0.9.8.848
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »