3 matches found
CentOS Web Panel Operating System Command Injection Vulnerability (CNVD-2020-44598)
CentOS Web Panel CWP is a free web hosting control panel. An operating system command injection vulnerability exists in the ajaxcrons.php file in the CentOS Web Panel cwp-el7-0.9.8.891 release, which stems from failure to properly validate a user-supplied string before executing a system call. An...
CVE-2020-15429
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxcrons.php. When parsing the user parameter, the process does not...
CVE-2020-15429
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxcrons.php. When parsing the user parameter, the process does not...