Vulnerabilities (CVE)

Filtered by vendor Control-webpanel Subscribe

Filtered by product Webpanel

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-25047	1 Control-webpanel	1 Webpanel	2022-07-14	4.3 MEDIUM	5.9 MEDIUM
The password reset token in CWP v0.9.8.1126 is generated using known or predictable values.
CVE-2022-25048	1 Control-webpanel	1 Webpanel	2022-07-14	9.0 HIGH	8.8 HIGH
Command injection vulnerability in CWP v0.9.8.1126 that allows normal users to run commands as the root user.
CVE-2022-25046	1 Control-webpanel	1 Webpanel	2022-07-14	10.0 HIGH	9.8 CRITICAL
A path traversal vulnerability in loader.php of CWP v0.9.8.1122 allows attackers to execute arbitrary code via a crafted POST request.