Total
84 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-13385 | 1 Control-webpanel | 1 Webpanel | 2023-01-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.840, File and Directory Information Exposure in filemanager allows attackers to enumerate users and check for active users of the application by reading /tmp/login.log. | |||||
| CVE-2022-25046 | 1 Control-webpanel | 1 Webpanel | 2023-01-24 | 10.0 HIGH | 9.8 CRITICAL |
| A path traversal vulnerability in loader.php of CWP v0.9.8.1122 allows attackers to execute arbitrary code via a crafted POST request. | |||||
| CVE-2022-25047 | 1 Control-webpanel | 1 Webpanel | 2023-01-24 | 4.3 MEDIUM | 5.9 MEDIUM |
| The password reset token in CWP v0.9.8.1126 is generated using known or predictable values. | |||||
| CVE-2022-25048 | 1 Control-webpanel | 1 Webpanel | 2022-07-14 | 9.0 HIGH | 8.8 HIGH |
| Command injection vulnerability in CWP v0.9.8.1126 that allows normal users to run commands as the root user. | |||||