Published: 13/05/2019 Updated: 24/01/2023

CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8

CVSS v3 Base Score: 4.8 | Impact Score: 2.7 | Exploitability Score: 1.7

VMScore: 355

Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.793 (Free/Open Source Version), 0.9.8.753 (Pro) and 0.9.8.807 (Pro) is vulnerable to Reflected XSS for the "Domain" field on the "DNS Functions > "Add DNS Zone" screen.

Vulnerable Product	Search on Vulmon	Subscribe to Product
control-webpanel webpanel 0.9.8.793
control-webpanel webpanel 0.9.8.807
control-webpanel webpanel 0.9.8.753

# Exploit Title: CentOS Web Panel - Domain Field (Add DNS Zone) Cross-Site Scripting Vulnerability # Google Dork: N/A # Date: 22 - April - 2019 # Exploit Author: DKM # Vendor Homepage: centos-webpanelcom # Software Link: centos-webpanelcom # Version: v098793 (Free), v098753 (Pro) and 098807 (Pro) # Tested on: CentOS 7 # CVE ...

CentOS Web Panel versions 098793 (Free), 098753 (Pro), and 098807 (Pro) suffer from a domain field (Add DNS Zone) cross site scripting vulnerability ...

CWE-79 https://www.exploit-db.com/exploits/46784/https://CentOS-WebPanel.com http://packetstormsecurity.com/files/152696/CentOS-Web-Panel-Domain-Field-Cross-Site-Scripting.html https://nvd.nist.gov https://www.exploit-db.com/exploits/46784

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-11429

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect