Webpanel

webpanel

CVEs (85)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-18324 1Control Webpanel 1Webpanel Nov 21, 2024 Oct 15, 2018 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has XSS via the admin/fileManager2.php fm_current_dir parameter, or the admin/index.php module, service_start, service_fullstatus, service_restart, service_stop, o...Show more CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has XSS via the admin/fileManager2.php fm_current_dir parameter, or the admin/index.php module, service_start, service_fullstatus, service_restart, service_stop, or file (within the file_editor) parameter.Show less
CVE-2018-18323 1Control Webpanel 1Webpanel Nov 21, 2024 Oct 15, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Local File Inclusion via directory traversal with an admin/index.php?module=file_editor&file=/../ URI.
CVE-2018-18322 1Control Webpanel 1Webpanel Nov 21, 2024 Oct 15, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Command Injection via shell metacharacters in the admin/index.php service_start, service_restart, service_fullstatus, or service_stop parameter.
CVE-2018-5962 1Control Webpanel 1Webpanel Nov 21, 2024 Jan 22, 2018 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 index.php in CentOS-WebPanel.com (aka CWP) CentOS Web Panel through v0.9.8.12 has XSS via the id parameter to the phpini_editor module or the email_address parameter to the mail_add-new module.
CVE-2018-5961 1Control Webpanel 1Webpanel Nov 21, 2024 Jan 22, 2018 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 CentOS-WebPanel.com (aka CWP) CentOS Web Panel through v0.9.8.12 has XSS via the `module` value of the `index.php` file.

Previous 1 2 3 45