Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
control-webpanel webpanel - vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2019-13383
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, the Login process allows malicious users to check whether a username is valid by reading the HTTP response.
Control-webpanel Webpanel 0.9.8.836
1 EDB exploit
505
VMScore
CVE-2018-18323
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Local File Inclusion via directory traversal with an admin/index.php?module=file_editor&file=/../ URI.
Control-webpanel Webpanel 0.9.8.480
1 EDB exploit
490
VMScore
CVE-2019-14721
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an malicious user to remove a target user from phpMyAdmin via an attacker account.
Control-webpanel Webpanel 0.9.8.851
490
VMScore
CVE-2019-14729
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an malicious user to delete a sub-domain from a victim's account via an attacker account.
Control-webpanel Webpanel 0.9.8.851
445
VMScore
CVE-2019-14724
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an malicious user to edit an e-mail forwarding destination of a victim's account via an attacker account.
Control-webpanel Webpanel 0.9.8.851
445
VMScore
CVE-2019-13599
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.848, the Login process allows malicious users to check whether a username is valid by comparing response times.
Control-webpanel Webpanel 0.9.8.848
435
VMScore
CVE-2018-18774
CentOS-WebPanel.com (aka CWP) CentOS Web Panel up to and including 0.9.8.740 allows XSS via the admin/index.php module parameter.
Control-webpanel Webpanel
1 EDB exploit
435
VMScore
CVE-2018-18324
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has XSS via the admin/fileManager2.php fm_current_dir parameter, or the admin/index.php module, service_start, service_fullstatus, service_restart, service_stop, or file (within the file_editor) parameter.
Control-webpanel Webpanel 0.9.8.480
1 EDB exploit
383
VMScore
CVE-2022-25047
The password reset token in CWP v0.9.8.1126 is generated using known or predictable values.
Control-webpanel Webpanel 0.9.8.1126
383
VMScore
CVE-2019-13477
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.837, CSRF in the forgot password function allows an malicious user to change the password for the root account.
Control-webpanel Webpanel 0.9.8.837
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »