Vulnerabilities > CVE-2019-13383 - Information Exposure Through Discrepancy vulnerability in Control-Webpanel Webpanel 0.9.8.836
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, the Login process allows attackers to check whether a username is valid by reading the HTTP response.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
id | EDB-ID:47125 |
last seen | 2019-07-16 |
modified | 2019-07-16 |
published | 2019-07-16 |
reporter | Exploit-DB |
source | https://www.exploit-db.com/download/47125 |
title | CentOS Control Web Panel 0.9.8.838 - User Enumeration |
Packetstorm
data source | https://packetstormsecurity.com/files/download/153667/centoscwp098-enumerate.txt |
id | PACKETSTORM:153667 |
last seen | 2019-07-17 |
published | 2019-07-16 |
reporter | Pongtorn Angsuchotmetee |
source | https://packetstormsecurity.com/files/153667/CentOS-Control-Web-Panel-0.9.8.838-User-Enumeration.html |
title | CentOS Control Web Panel 0.9.8.838 User Enumeration |
References
- http://packetstormsecurity.com/files/153667/CentOS-Control-Web-Panel-0.9.8.838-User-Enumeration.html
- http://packetstormsecurity.com/files/153667/CentOS-Control-Web-Panel-0.9.8.838-User-Enumeration.html
- https://github.com/i3umi3iei3ii/CentOS-Control-Web-Panel-CVE/blob/master/CVE-2019-13383.md
- https://github.com/i3umi3iei3ii/CentOS-Control-Web-Panel-CVE/blob/master/CVE-2019-13383.md
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010