Vulnerabilities > Control Webpanel

DATE CVE VULNERABILITY TITLE RISK
2019-09-11 CVE-2019-14725 Authorization Bypass Through User-Controlled Key vulnerability in Control-Webpanel Webpanel 0.9.8.851
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to change the e-mail usage value of a victim account via an attacker account.
network
low complexity
control-webpanel CWE-639
4.3
2019-09-11 CVE-2019-14724 Authorization Bypass Through User-Controlled Key vulnerability in Control-Webpanel Webpanel 0.9.8.851
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to edit an e-mail forwarding destination of a victim's account via an attacker account.
network
low complexity
control-webpanel CWE-639
7.5
2019-09-10 CVE-2019-14730 Unspecified vulnerability in Control-Webpanel Webpanel 0.9.8.851
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a domain from a victim's account via an attacker account.
network
low complexity
control-webpanel
4.3
2019-09-10 CVE-2019-14729 Unspecified vulnerability in Control-Webpanel Webpanel 0.9.8.851
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a sub-domain from a victim's account via an attacker account.
network
low complexity
control-webpanel
4.3
2019-09-10 CVE-2019-14728 Unspecified vulnerability in Control-Webpanel Webpanel 0.9.8.851
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to add an e-mail forwarding destination to a victim's account via an attacker account.
network
low complexity
control-webpanel
4.3
2019-09-10 CVE-2019-14727 Unspecified vulnerability in Control-Webpanel Webpanel 0.9.8.851
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to change the e-mail password of a victim account via an attacker account.
network
low complexity
control-webpanel
4.3
2019-09-10 CVE-2019-14726 Unspecified vulnerability in Control-Webpanel Webpanel 0.9.8.851
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to access and delete DNS records of a victim's account via an attacker account.
network
low complexity
control-webpanel
5.4
2019-09-10 CVE-2019-14723 Unspecified vulnerability in Control-Webpanel Webpanel 0.9.8.851
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a victim's e-mail account via an attacker account.
network
low complexity
control-webpanel
4.3
2019-09-10 CVE-2019-14722 Unspecified vulnerability in Control-Webpanel Webpanel 0.9.8.851
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete an e-mail forwarding destination from a victim's account via an attacker account.
network
low complexity
control-webpanel
4.3
2019-09-10 CVE-2019-14721 Authorization Bypass Through User-Controlled Key vulnerability in Control-Webpanel Webpanel 0.9.8.851
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to remove a target user from phpMyAdmin via an attacker account.
network
low complexity
control-webpanel CWE-639
6.5