Vulnerabilities > Control Webpanel > Webpanel > 0.9.8.753

DATE CVE VULNERABILITY TITLE RISK
2022-07-07 CVE-2022-25046 Path Traversal vulnerability in Control-Webpanel Webpanel
A path traversal vulnerability in loader.php of CWP v0.9.8.1122 allows attackers to execute arbitrary code via a crafted POST request.
network
low complexity
control-webpanel CWE-22
critical
 9.8
9.8
2019-05-13 CVE-2019-11429 Cross-site Scripting vulnerability in Control-Webpanel Webpanel 0.9.8.753/0.9.8.793/0.9.8.807
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.793 (Free/Open Source Version), 0.9.8.753 (Pro) and 0.9.8.807 (Pro) is vulnerable to Reflected XSS for the "Domain" field on the "DNS Functions > "Add DNS Zone" screen.
network
low complexity
control-webpanel CWE-79
4.8
4.8