Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web panel vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-2035
Cross-site scripting (XSS) vulnerability in xhr.php in InterWorx Web Control Panel (aka InterWorx Hosting Control Panel and InterWorx-CP) prior to 5.0.13 build 574 allows remote malicious users to inject arbitrary web script or HTML via the i parameter.
Interworx Web Control Panel 5.0.12
Interworx Web Control Panel 5.0.11
Interworx Web Control Panel 5.0.10
Interworx Web Control Panel 5.0
Interworx Web Control Panel
4.8
CVSSv3
CVE-2019-10893
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.793 (Free/Open Source Version) and 0.9.8.753 (Pro) is vulnerable to Stored/Persistent XSS for Admin Email fields on the "CWP Settings > "Edit Settings" screen. By changing the email ID to any XSS Payload and c...
Centos-webpanel Centos Web Panel 0.9.8.753
Centos-webpanel Centos Web Panel 0.9.8.793
10
CVSSv3
CVE-2016-10043
An issue exists in Radisys MRF Web Panel (SWMS) 9.0.1. The MSM_MACRO_NAME POST parameter in /swms/ms.cgi exists to be vulnerable to OS command injection attacks. It is possible to use the pipe character (|) to inject arbitrary OS commands and retrieve the output in the applicatio...
Mrf Web Panel 9.0.1
1 EDB exploit
NA
CVE-2014-2531
SQL injection vulnerability in xhr.php in InterWorx Web Control Panel (aka InterWorx Hosting Control Panel and InterWorx-CP) prior to 5.0.14 build 577 allows remote authenticated users to execute arbitrary SQL commands via the i parameter in a search action to the (1) NodeWorx , ...
Interworx Web Control Panel
1 EDB exploit
NA
CVE-2007-4589
Multiple cross-site scripting (XSS) vulnerabilities in InterWorx Hosting Control Panel (InterWorx-CP) Webmaster Level (SiteWorx) 3.0.2 (1) allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to index.php; and allow remote authenticated users to i...
Interworx Web Control Panel 3.0.2
NA
CVE-2007-4588
Multiple cross-site scripting (XSS) vulnerabilities in InterWorx Hosting Control Panel (InterWorx-CP) Server Admin Level (NodeWorx) 3.0.2 (1) allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to index.php; and allow remote authenticated users t...
Interworx Web Control Panel 3.0.2
9.8
CVSSv3
CVE-2020-15609
This vulnerability allows remote malicious users to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_dashboard.php. When parsing the service_s...
Centos-webpanel Centos Web Panel 17.0.9.8.923
6.5
CVSSv3
CVE-2019-14245
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an malicious user to delete databases (such as oauthv2) from the server via an attacker account.
Centos-webpanel Centos Web Panel 0.9.8.851
4.8
CVSSv3
CVE-2019-10261
CentOS Web Panel (CWP) 0.9.8.789 is vulnerable to Stored/Persistent XSS for the "Name Server 1" and "Name Server 2" fields via a "DNS Functions" "Edit Nameservers IPs" action.
Centos-webpanel Centos Web Panel 0.9.8.789
1 EDB exploit
8.8
CVSSv3
CVE-2019-13386
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, a hidden action=9 feature in filemanager2.php allows malicious users to execute a shell command, i.e., obtain a reverse shell with user privilege.
Centos-webpanel Centos Web Panel 0.9.8.846
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »