Vulnerabilities > Control Webpanel > Webpanel > 0.9.8.840

DATE CVE VULNERABILITY TITLE RISK
2022-07-07 CVE-2022-25046 Path Traversal vulnerability in Control-Webpanel Webpanel
A path traversal vulnerability in loader.php of CWP v0.9.8.1122 allows attackers to execute arbitrary code via a crafted POST request.
network
low complexity
control-webpanel CWE-22
critical
 9.8
9.8
2019-07-26 CVE-2019-13385 Path Traversal vulnerability in Control-Webpanel Webpanel 0.9.8.840
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.840, File and Directory Information Exposure in filemanager allows attackers to enumerate users and check for active users of the application by reading /tmp/login.log.
network
low complexity
control-webpanel CWE-22
4.3
4.3