CVE-2025-41344 Missing Authorization vulnerability in CanalDenuncia.app

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'idarchivo' in '/backend/api/verArchivo.php'...

The vulnerability of the ajax_mod_security.php implementation of the application for managing servers on CentOS Web Panel allows a hacker to execute arbitrary code.

The vulnerability of the ajaxmodsecurity.php implementation of the application for managing servers on CentOS Web Panel is related to the failure to take measures to eliminate special elements in the string entered by the user when processing the archivo parameter. Exploiting this vulnerability m...

PT-2020-14546 · Centos · Centos Web Panel

Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version cwp-e17.0.9.8.923 Description: This issue allows remote attackers to write arbitrary files on affected installations. Authentication is not required to exploit this issue. The flaw exists within the ajax mod...

PT-2020-6770 · Unknown · Centos Web Panel

Name of the Vulnerable Software and Affected Versions: CentOS Web Panel versions cwp-e17.0.9.8.923 Description: The issue is related to the implementation of the ajax mod security.php script in CentOS Web Panel, where the archivo parameter does not properly neutralize special elements in...