CVE-2019-16295 - OpenCVE

Stored XSS in filemanager2.php in CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.885 exists via the cmd_arg parameter. This can be exploited by a local attacker who supplies a crafted filename within a directory visited by the victim.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:L/AC:M/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Control-webpanel	Webpanel

Configuration 1 [-]

cpe:2.3:a:control-webpanel:webpanel:0.9.8.855:*:*:*:*:*:*:*

References

Link	Resource
http://packetstormsecurity.com/files/154990/CWP-0.9.8.885-Cross-Site-Scripting.html	Exploit Third Party Advisory VDB Entry
https://centos-webpanel.com/changelog-cwp7	Release Notes Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2019-10-31T20:59:30

Updated: 2019-10-31T20:59:30

Reserved: 2019-09-13T00:00:00

Link: CVE-2019-16295

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-10-31T21:15:13.200

Modified: 2023-01-24T18:57:12.680

Link: CVE-2019-16295

JSON object: View

Redhat Information

No data.

CWE

CWE-79

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2019-10-25T00:00:00", "descriptions": [{"lang": "en", "value": "Stored XSS in filemanager2.php in CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.885 exists via the cmd_arg parameter. This can be exploited by a local attacker who supplies a crafted filename within a directory visited by the victim."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-10-31T20:59:30", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/154990/CWP-0.9.8.885-Cross-Site-Scripting.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://centos-webpanel.com/changelog-cwp7"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-16295", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Stored XSS in filemanager2.php in CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.885 exists via the cmd_arg parameter. This can be exploited by a local attacker who supplies a crafted filename within a directory visited by the victim."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://packetstormsecurity.com/files/154990/CWP-0.9.8.885-Cross-Site-Scripting.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/154990/CWP-0.9.8.885-Cross-Site-Scripting.html"}, {"name": "https://centos-webpanel.com/changelog-cwp7", "refsource": "CONFIRM", "url": "https://centos-webpanel.com/changelog-cwp7"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-16295", "datePublished": "2019-10-31T20:59:30", "dateReserved": "2019-09-13T00:00:00", "dateUpdated": "2019-10-31T20:59:30", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:control-webpanel:webpanel:0.9.8.855:*:*:*:*:*:*:*", "matchCriteriaId": "2EB0D62E-63CB-4C49-A829-4AAEB63796AD", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Stored XSS in filemanager2.php in CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.885 exists via the cmd_arg parameter. This can be exploited by a local attacker who supplies a crafted filename within a directory visited by the victim."}, {"lang": "es", "value": "Una vulnerabilidad de tipo XSS almacenado en el archivo filemanager2.php en CentOS-WebPanel.com (tambi\u00e9n se conoce como CWP) CentOS Web Panel versi\u00f3n 0.9.8.885, se presenta mediante el par\u00e1metro cmd_arg. Esto puede ser explotado por parte de un atacante local que suministra un nombre de archivo dise\u00f1ado dentro de un directorio visitado por la v\u00edctima."}], "id": "CVE-2019-16295", "lastModified": "2023-01-24T18:57:12.680", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.9, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.5, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-10-31T21:15:13.200", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/154990/CWP-0.9.8.885-Cross-Site-Scripting.html"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://centos-webpanel.com/changelog-cwp7"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}