Control-webpanel

Webpanel

85 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2022-25046

Exploit
  • EPSS 4.12%
  • Veröffentlicht 07.07.2022 12:15:09
  • Zuletzt bearbeitet 21.11.2024 06:51:35

A path traversal vulnerability in loader.php of CWP v0.9.8.1122 allows attackers to execute arbitrary code via a crafted POST request.

10

CVE-2021-31324

Exploit
  • EPSS 78.46%
  • Veröffentlicht 18.05.2021 20:15:07
  • Zuletzt bearbeitet 21.11.2024 06:05:25

The unprivileged user portal part of CentOS Web Panel is affected by a Command Injection vulnerability leading to root Remote Code Execution.

10

CVE-2021-31316

Exploit
  • EPSS 59.76%
  • Veröffentlicht 18.05.2021 20:15:07
  • Zuletzt bearbeitet 21.11.2024 06:05:24

The unprivileged user portal part of CentOS Web Panel is affected by a SQL Injection via the 'idsession' HTTP POST parameter.

7.8

CVE-2020-15621

  • EPSS 1.09%
  • Veröffentlicht 28.07.2020 17:15:15
  • Zuletzt bearbeitet 21.11.2024 05:05:53

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_mail_auto...

7.8

CVE-2020-15622

  • EPSS 1.09%
  • Veröffentlicht 28.07.2020 17:15:15
  • Zuletzt bearbeitet 21.11.2024 05:05:53

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_mail_auto...

10

CVE-2020-15623

  • EPSS 3.16%
  • Veröffentlicht 28.07.2020 17:15:15
  • Zuletzt bearbeitet 21.11.2024 05:05:53

This vulnerability allows remote attackers to write arbitrary files on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_mod_security.php. ...

7.8

CVE-2020-15624

  • EPSS 1.09%
  • Veröffentlicht 28.07.2020 17:15:15
  • Zuletzt bearbeitet 21.11.2024 05:05:53

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_new_accou...

7.8

CVE-2020-15626

  • EPSS 1.09%
  • Veröffentlicht 28.07.2020 17:15:15
  • Zuletzt bearbeitet 21.11.2024 05:05:53

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_dashboard...

7.8

CVE-2020-15627

  • EPSS 1.09%
  • Veröffentlicht 28.07.2020 17:15:15
  • Zuletzt bearbeitet 21.11.2024 05:05:53

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_mail_auto...

7.8

CVE-2020-15628

  • EPSS 1.09%
  • Veröffentlicht 28.07.2020 17:15:15
  • Zuletzt bearbeitet 21.11.2024 05:05:53

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajax_mail_auto...