Vulnerabilities > CVE-2019-13383 - Information Exposure Through Discrepancy vulnerability in Control-Webpanel Webpanel 0.9.8.836

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

control-webpanel

CWE-203

exploit available

NVD

Published: 2019-07-16

Updated: 2023-01-24

Summary

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, the Login process allows attackers to check whether a username is valid by reading the HTTP response.

Vulnerable Configurations

Part	Description	Count
Application	Control-Webpanel Control Webpanel Webpanel 0.9.8.836	1

Common Weakness Enumeration (CWE)

CWE-203 - Information Exposure Through Discrepancy

Exploit-Db

id	EDB-ID:47125
last seen	2019-07-16
modified	2019-07-16
published	2019-07-16
reporter	Exploit-DB
source	https://www.exploit-db.com/download/47125
title	CentOS Control Web Panel 0.9.8.838 - User Enumeration

Packetstorm

data source	https://packetstormsecurity.com/files/download/153667/centoscwp098-enumerate.txt
id	PACKETSTORM:153667
last seen	2019-07-17
published	2019-07-16
reporter	Pongtorn Angsuchotmetee
source	https://packetstormsecurity.com/files/153667/CentOS-Control-Web-Panel-0.9.8.838-User-Enumeration.html
title	CentOS Control Web Panel 0.9.8.838 User Enumeration

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Exploit-Db

Packetstorm

References