Vulnerabilities > Control Webpanel > Webpanel > 0.9.8.840
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-07 | CVE-2022-25046 | Path Traversal vulnerability in Control-Webpanel Webpanel A path traversal vulnerability in loader.php of CWP v0.9.8.1122 allows attackers to execute arbitrary code via a crafted POST request. | 9.8 |
2019-07-26 | CVE-2019-13385 | Path Traversal vulnerability in Control-Webpanel Webpanel 0.9.8.840 In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.840, File and Directory Information Exposure in filemanager allows attackers to enumerate users and check for active users of the application by reading /tmp/login.log. | 4.3 |