Right click on the new centos web panel logo and view image in a new tab. Once there, navigate one level back to the IP:2030/design/ or
http://HTTPS://IP:2031/design/ folder and you will see what I am referring to..
ssh term jars sitting there so they can be downloaded..
/design/3rdparty/sshterm/
jcterm-0.0.10.jar
jsch-0.1.46.jar
jzlib-1.1.1.jar
CSS publicly accessible?
/design/css/
bootstrap/
custom.css
droid-sans-400-700.css
droid-sans-400.css
droid-sans-700.css
fonts/
icons.css
ie8.css
main.css
open-sans-400-700.css
open-sans-400.css
open-sans-700.css
supr-theme/
The dev's face can be seen in his avatars???
/design/images/
apple-touch-icon-114-precomposed.png
apple-touch-icon-144-precomposed.png
apple-touch-icon-57-precomposed.png
apple-touch-icon-72-precomposed.png
arrowdown.png
arrowup.png
avatar.jpg
avatar2.jpeg
avatar3.jpeg
cwp_small.png
del.png
favicon.ico
gallery/
glyphicons-halflings-white.png
glyphicons-halflings.png
handle.png
icons/
loader.gif
loaders/
patterns/
search.png
spinner.png
ui.totop.png
And this is the gallery folder that has completely unrelated images.. these have nothing to do with the server and just have what the dev wanted put in there.. shameful!!
/design/images/gallery/
1.jpg
10.jpg
11.jpg
12.jpg
13.jpg
14.jpg
15.jpg
16.jpg
17.jpg
18.jpg
19.jpg
2.jpg
20.jpg
3.jpg
4.jpg
5.jpg
7.jpg
8.jpg
9.jpg
preload.png
ALL OF THIS IS PUBLICLY ACCESSIBLE. SHAME ON THE DEV!!!!!