Showing 1 - 1 of 1

CVE-2019-14782

Status Candidate

Overview

CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.856 through 0.9.8.864 allows an attacker to get a victim's session file name from the /tmp directory, and the victim's token value from /usr/local/cwpsrv/logs/access_log, then use them to make a request to extract the victim's password (for the OS and phpMyAdmin) via an attacker account.

Related Files

Control Web Panel 0.9.8.864 phpMyAdmin Password Disclosure: Posted Dec 16, 2019; Authored by Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak; Control Web Panel versions 0.9.8.856 through 0.9.8.864 suffer from a phpMyAdmin password disclosure vulnerability.; tags | exploit, web, info disclosure; advisories | CVE-2019-14782, CVE-2019-15235; SHA-256 | c661bc2925cdd92f9d846c7e14852253f037e5ec12e6ad38447d28372e27afbe; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 239 files
indoushka 139 files
Ubuntu 79 files
Gentoo 33 files
Debian 26 files
Sebastian Hamann 8 files
Jann Horn 7 files
Google Security Research 6 files
Moritz Abrell 6 files
Jaggar Henry 6 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,110)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,941)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,657)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,783)
UNIX (9,443)
UnixWare (187)
Windows (6,679)
Other

CVE-2019-14782

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems