In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8...
Moderate severity
Unreviewed
Published
May 24, 2022
to the GitHub Advisory Database
•
Updated Mar 3, 2023
Description
Published by the National Vulnerability Database
Aug 21, 2019
Published to the GitHub Advisory Database
May 24, 2022
Last updated
Mar 3, 2023
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to discover phpMyAdmin passwords (of any user in /etc/passwd) via an attacker account.
References