Control-Webpanel: >> Webpanel Security Vulnerabilities
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Command Injection via shell metacharacters in the admin/index.php service_start, service_restart, service_fullstatus, or service_stop parameter.
CVSS Score
9.8
EPSS Score
0.094
Published
2018-10-15
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Local File Inclusion via directory traversal with an admin/index.php?module=file_editor&file=/../ URI.
CVSS Score
7.5
EPSS Score
0.846
Published
2018-10-15
CentOS-WebPanel.com (aka CWP) CentOS Web Panel through v0.9.8.12 has XSS via the `module` value of the `index.php` file.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-01-22
index.php in CentOS-WebPanel.com (aka CWP) CentOS Web Panel through v0.9.8.12 has XSS via the id parameter to the phpini_editor module or the email_address parameter to the mail_add-new module.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-01-22
Page 9