cve/CVE-2019-16295.md at 594c8e952101730b1f9f9e6ac2afce8de85a4446

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

Stored XSS in filemanager2.php in CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.885 exists via the cmd_arg parameter. This can be exploited by a local attacker who supplies a crafted filename within a directory visited by the victim.

POC

Reference

http://packetstormsecurity.com/files/154990/CWP-0.9.8.885-Cross-Site-Scripting.html

Github

https://github.com/i3umi3iei3ii/CentOS-Control-Web-Panel-CVE

785 B Raw Blame History

CVE-2019-16295

Description

POC

Reference

Github

785 B

Raw Blame History