Vulnerabilities > Centos Webpanel > Centos WEB Panel > 0.9.8.851

DATE CVE VULNERABILITY TITLE RISK
2019-08-21 CVE-2019-14246 Authorization Bypass Through User-Controlled Key vulnerability in Centos-Webpanel Centos web Panel 0.9.8.851
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to discover phpMyAdmin passwords (of any user in /etc/passwd) via an attacker account.
network
low complexity
centos-webpanel CWE-639
6.5
6.5
2019-08-21 CVE-2019-14245 Authorization Bypass Through User-Controlled Key vulnerability in Centos-Webpanel Centos web Panel 0.9.8.851
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete databases (such as oauthv2) from the server via an attacker account.
network
low complexity
centos-webpanel CWE-639
6.5
6.5