Vulnerabilities > Control Webpanel > Webpanel > 0.9.8.851

DATE CVE VULNERABILITY TITLE RISK
2019-09-10 CVE-2019-14726 Unspecified vulnerability in Control-Webpanel Webpanel 0.9.8.851
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to access and delete DNS records of a victim's account via an attacker account.
network
low complexity
control-webpanel
5.4
5.4
2019-09-10 CVE-2019-14723 Unspecified vulnerability in Control-Webpanel Webpanel 0.9.8.851
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a victim's e-mail account via an attacker account.
network
low complexity
control-webpanel
4.3
4.3
2019-09-10 CVE-2019-14722 Unspecified vulnerability in Control-Webpanel Webpanel 0.9.8.851
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete an e-mail forwarding destination from a victim's account via an attacker account.
network
low complexity
control-webpanel
4.3
4.3
2019-09-10 CVE-2019-14721 Authorization Bypass Through User-Controlled Key vulnerability in Control-Webpanel Webpanel 0.9.8.851
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to remove a target user from phpMyAdmin via an attacker account.
network
low complexity
control-webpanel CWE-639
6.5
6.5