2 results (0.010 seconds)

CVSS: 6.5EPSS: 2%CPEs: 1EXPL: 3

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to discover phpMyAdmin passwords (of any user in /etc/passwd) via an attacker account. En CentOS-WebPanel.com (también conocido como CWP) CentOS Web Panel versión 0.9.8.851, una referencia de objeto insegura permite a un atacante descubrir contraseñas phpMyAdmin (de cualquier usuario en / etc / passwd) a través de una cuenta de atacante. CentOS-WebPanel.com Control Web Panel (CWP) version 0.9.8.851 allows an attacker to change arbitrary passwords. • http://packetstormsecurity.com/files/154156/CentOS-Control-Web-Panel-CWP-0.9.8.851-phpMyAdmin-Password-Change.html http://packetstormsecurity.com/files/154156/CentOS-WebPanel.com-CentOS-Control-Web-Panel-CWP-0.9.8.851-phpMyAdmin-Password-Change.html http://packetstormsecurity.com/files/154156/CentOS-WebPanel.com-Control-Web-Panel-CWP-0.9.8.851-phpMyAdmin-Password-Change.html https://centos-webpanel.com/changelog-cwp7 • CWE-639: Authorization Bypass Through User-Controlled Key •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 3

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete databases (such as oauthv2) from the server via an attacker account. En CentOS-WebPanel.com (también conocido como CWP) CentOS Web Panel versión 0.9.8.851, una referencia de objeto insegura permite a un atacante eliminar bases de datos (como oauthv2) del servidor a través de una cuenta de atacante. CentOS-WebPanel.com Control Web Panel (CWP) version 0.9.8.851 suffers from an arbitrary database dropping vulnerability. • http://packetstormsecurity.com/files/154155/CentOS-Control-Web-Panel-CWP-0.9.8.851-Arbitrary-Database-Drop.html http://packetstormsecurity.com/files/154155/CentOS-WebPanel.com-CentOS-Control-Web-Panel-CWP-0.9.8.851-Arbitrary-Database-Drop.html http://packetstormsecurity.com/files/154155/CentOS-WebPanel.com-Control-Web-Panel-CWP-0.9.8.851-Arbitrary-Database-Drop.html https://centos-webpanel.com/changelog-cwp7 • CWE-639: Authorization Bypass Through User-Controlled Key •