Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web panel vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2014-2035
Cross-site scripting (XSS) vulnerability in xhr.php in InterWorx Web Control Panel (aka InterWorx Hosting Control Panel and InterWorx-CP) prior to 5.0.13 build 574 allows remote malicious users to inject arbitrary web script or HTML via the i parameter.
Interworx Web Control Panel 5.0.12
Interworx Web Control Panel 5.0.11
Interworx Web Control Panel 5.0.10
Interworx Web Control Panel 5.0
Interworx Web Control Panel
3.5
CVSSv2
CVE-2019-10893
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.793 (Free/Open Source Version) and 0.9.8.753 (Pro) is vulnerable to Stored/Persistent XSS for Admin Email fields on the "CWP Settings > "Edit Settings" screen. By changing the email ID to any XSS Payload and c...
Centos-webpanel Centos Web Panel 0.9.8.753
Centos-webpanel Centos Web Panel 0.9.8.793
10
CVSSv2
CVE-2016-10043
An issue exists in Radisys MRF Web Panel (SWMS) 9.0.1. The MSM_MACRO_NAME POST parameter in /swms/ms.cgi exists to be vulnerable to OS command injection attacks. It is possible to use the pipe character (|) to inject arbitrary OS commands and retrieve the output in the applicatio...
Mrf Web Panel 9.0.1
1 EDB exploit
6.5
CVSSv2
CVE-2014-2531
SQL injection vulnerability in xhr.php in InterWorx Web Control Panel (aka InterWorx Hosting Control Panel and InterWorx-CP) prior to 5.0.14 build 577 allows remote authenticated users to execute arbitrary SQL commands via the i parameter in a search action to the (1) NodeWorx , ...
Interworx Web Control Panel
1 EDB exploit
4.3
CVSSv2
CVE-2007-4589
Multiple cross-site scripting (XSS) vulnerabilities in InterWorx Hosting Control Panel (InterWorx-CP) Webmaster Level (SiteWorx) 3.0.2 (1) allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to index.php; and allow remote authenticated users to i...
Interworx Web Control Panel 3.0.2
4.3
CVSSv2
CVE-2007-4588
Multiple cross-site scripting (XSS) vulnerabilities in InterWorx Hosting Control Panel (InterWorx-CP) Server Admin Level (NodeWorx) 3.0.2 (1) allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to index.php; and allow remote authenticated users t...
Interworx Web Control Panel 3.0.2
6.5
CVSSv2
CVE-2019-13386
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, a hidden action=9 feature in filemanager2.php allows malicious users to execute a shell command, i.e., obtain a reverse shell with user privilege.
Centos-webpanel Centos Web Panel 0.9.8.846
1 Github repository
5.5
CVSSv2
CVE-2019-14245
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an malicious user to delete databases (such as oauthv2) from the server via an attacker account.
Centos-webpanel Centos Web Panel 0.9.8.851
4
CVSSv2
CVE-2019-14246
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an malicious user to discover phpMyAdmin passwords (of any user in /etc/passwd) via an attacker account.
Centos-webpanel Centos Web Panel 0.9.8.851
3.5
CVSSv2
CVE-2019-10261
CentOS Web Panel (CWP) 0.9.8.789 is vulnerable to Stored/Persistent XSS for the "Name Server 1" and "Name Server 2" fields via a "DNS Functions" "Edit Nameservers IPs" action.
Centos-webpanel Centos Web Panel 0.9.8.789
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »