|
223021
|
4.3 |
MEDIUM
Network
|
control-webpanel
|
webpanel
|
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a domain from a victim's account via an attacker account.
|
NVD-CWE-noinfo
|
CVE-2019-14730
|
2024-11-21 13:27 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223022
|
4.3 |
MEDIUM
Network
|
control-webpanel
|
webpanel
|
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a sub-domain from a victim's account via an attacker account.
|
NVD-CWE-noinfo
|
CVE-2019-14729
|
2024-11-21 13:27 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223023
|
4.3 |
MEDIUM
Network
|
control-webpanel
|
webpanel
|
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to add an e-mail forwarding destination to a victim's account via an attacker account.
|
NVD-CWE-noinfo
|
CVE-2019-14728
|
2024-11-21 13:27 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223024
|
4.3 |
MEDIUM
Network
|
control-webpanel
|
webpanel
|
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to change the e-mail password of a victim account via an attacker account.
|
NVD-CWE-noinfo
|
CVE-2019-14727
|
2024-11-21 13:27 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223025
|
5.4 |
MEDIUM
Network
|
control-webpanel
|
webpanel
|
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to access and delete DNS records of a victim's account via an attacker account.
|
NVD-CWE-noinfo
|
CVE-2019-14726
|
2024-11-21 13:27 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223026
|
4.3 |
MEDIUM
Network
|
control-webpanel
|
webpanel
|
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a victim's e-mail account via an attacker account.
|
NVD-CWE-noinfo
|
CVE-2019-14723
|
2024-11-21 13:27 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223027
|
4.3 |
MEDIUM
Network
|
control-webpanel
|
webpanel
|
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete an e-mail forwarding destination from a victim's account via an attacker account.
|
NVD-CWE-noinfo
|
CVE-2019-14722
|
2024-11-21 13:27 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223028
|
6.5 |
MEDIUM
Network
|
control-webpanel
|
webpanel
|
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to remove a target user from phpMyAdmin via an attacker account.
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2019-14721
|
2024-11-21 13:27 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223029
|
9.8 |
CRITICAL
Network
|
artifex
redhat
fedoraproject
opensuse
debian
|
ghostscript
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server
openshift_container_platform
enterprise_linux_server_eus
enterprise_lin…
|
A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A…
|
CWE-863
Incorrect Authorization
|
CVE-2019-14813
|
2024-11-21 13:27 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223030
|
8.8 |
HIGH
Network
|
fusionpbx
|
fusionpbx
|
FusionPBX 4.4.8 allows an attacker to execute arbitrary system commands by submitting a malicious command to the service_edit.php file (which will insert the malicious command into the database). To …
|
CWE-78
OS Command
|
CVE-2019-15029
|
2024-11-21 13:27 |
2019-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
