Control Web Panel 7 versions prior to 0.9.8.1147 suffer from an unauthenticated remote code execution vulnerability.
698ef6e35dc8ca09f1857de4c6b56f25be500ed741ecd49ee2cd7f5d8dbf30efControl Web Panel versions prior to 0.9.8.1147 are vulnerable to unauthenticated OS command injection. Successful exploitation results in code execution as the root user. The results of the command are not contained within the HTTP response and the request will block while the command is running.
00cb85e5ab25f2d5091aa8c72d9d5252d08919dce9dbd37743bea7469e5dbc51Control Web Panel versions 0.9.8.856 through 0.9.8.864 suffer from a phpMyAdmin password disclosure vulnerability.
c661bc2925cdd92f9d846c7e14852253f037e5ec12e6ad38447d28372e27afbeCWP version 0.9.8.885 suffers from a persistent cross site scripting vulnerability.
1e30b9a1cef9990d51535e8f59699eec7d4a71b0c5a8e2c0fa870eb5a8df08e9Control Web Panel version 0.9.8.851 suffers from multiple privilege escalation vulnerabilities.
e6ce381103bbd4b17c04a857140df6e826e521130a7f2572cbafc0f30e42b80cCentOS version 7.6.1810 with Control Web Panel version 0.9.8.837 suffers from a cross site request forgery vulnerability.
ac74f5f7b06a995d875030245867e034334374afc0f014487faf49f644264983CentOS version 7.6.1810 with Control Web Panel version 0.9.8.837 suffers from a persistent cross site scripting vulnerability.
75c43595c2ca8facaf005e68f433a5fb50f881898e16454e23e33907ffc28ffcCentOS-WebPanel.com Control Web Panel (CWP) version 0.9.8.851 allows an attacker to change arbitrary passwords.
4efb27420a227e97715e7d7be24416f052d4c5a363d45dce305d0340da388115CentOS-WebPanel.com Control Web Panel (CWP) version 0.9.8.851 suffers from an arbitrary database dropping vulnerability.
1d6d82560f3b4ba4f1c6c891801038a74f7372c46e8936527195f907db40fd4fCentOS-WebPanel.com Control Web Panel (CWP) version 0.9.8.848 suffers from a user enumeration vulnerability.
cc0c55ccdb42fd51d11a4b01419284a4bc4b629d40b00b2b4ccebe57d7de4456CentOS-WebPanel.com Control Web Panel (CWP) version 0.9.8.846 suffers from a reflective cross site scripting vulnerability.
8b1c696a73f9bac0e96c917432a4e295ca1c20adf0976f10d1b7af7562e21405CentOS-WebPanel.com Control Web Panel (CWP) versions 0.9.8.836 through 0.9.8.840 suffer from a user enumeration vulnerability.
249523e5b9f8b707a9f33250984e1a77d557a89613eb737528f2c8b3cd52a307CentOS-WebPanel.com Control Web Panel (CWP) version 0.9.8.836 suffers from a remote command execution vulnerability.
f863e7a790b489ddb7c3a435fcfb5db2ed269f587f3614f2de0db4a51a1190fcCentOS Control Web Panel version 0.9.8.838 suffers from a user enumeration vulnerability.
b55ea54a095856957512695c02953fa262909e4b5e12d1708989b7bae539bd95CentOS Control Web Panel version 0.9.8.836 suffers from an authentication bypass vulnerability.
56140eff369b0e1d3f217bda727af43d8f0f5ceb66c1dcb4909cca19c89f6159CentOS Control Web Panel version 0.9.8.836 suffers from a privilege escalation vulnerability.
6786ad452c534bb2d1a1aaaed04c6ae8ce8e9dea3946bcbb6f5b478fb4cac7ffCode Widgets Pop-Over Login Form suffers from a remote SQL injection vulnerability that allows for authentication bypass.
bdbf462c572d42d18b0dbe4c745bb4ef7bf3a9d17183ba7556dd3c0e21d31c13
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed