Vulnerabilities > CVE-2019-14729 - Unspecified vulnerability in Control-Webpanel Webpanel 0.9.8.851

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
NONE
network
low complexity
control-webpanel

Summary

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a sub-domain from a victim's account via an attacker account.

Vulnerable Configurations

Part Description Count
Application
Control-Webpanel
1

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/154404/cwp098851-removeuser.txt
idPACKETSTORM:154404
last seen2019-09-10
published2019-09-09
reporterPongtorn Angsuchotmetee
sourcehttps://packetstormsecurity.com/files/154404/Control-Web-Panel-0.9.8.851-Privilege-Escalation.html
titleControl Web Panel 0.9.8.851 Privilege Escalation