Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.856 through 0.9.8.864 allows an attacker to get a victim's session file name from the /tmp directory, and the victim's token value from /usr/local/cwpsrv/logs/access_log, then use them to make a request to extract the victim's password (for the OS and phpMyAdmin) via an attacker account.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CentOS Web Panel 日志信息泄露漏洞
Vulnerability Description
CentOS Web Panel(CWP)是一款免费的虚拟主机控制面板。 Control Web Panel 0.9.8.856版本至0.9.8.864版本中存在安全漏洞。攻击者可利用该漏洞泄露密码。
CVSS Information
N/A
Vulnerability Type
N/A