17 matches found
EUVD-2020-7422
Malware in sbrugna...
EUVD-2020-7424
Malware in sbrugna...
EUVD-2020-7421
Malware in sbrugna...
CVE-2020-15429
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxcrons.php. When parsing the user parameter, the process does not...
CVE-2020-15431
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxcrons.php. When parsing the user parameter, the process does not...
CentOS Web Panel Operating System Command Injection Vulnerability (CNVD-2020-43608)
CentOS Web Panel CWP is a free web hosting control panel. An operating system command injection vulnerability exists in the ajaxcrons.php file in the CentOS Web Panel cwp-el7-0.9.8.891 release, which stems from failure to properly validate a user-supplied string before executing a system call. An...
CentOS Web Panel Operating System Command Injection Vulnerability (CNVD-2020-43606)
CentOS Web Panel CWP is a free web hosting control panel. An operating system command injection vulnerability exists in the ajaxcrons.php file in the CentOS Web Panel cwp-el7-0.9.8.891 release, which stems from failure to properly validate a user-supplied string before executing a system call. An...
CVE-2020-15428
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxcrons.php. When parsing the line parameter, the process does not...
CVE-2020-15431
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxcrons.php. When parsing the user parameter, the process does not...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxcrons.php. When parsing the line parameter, the process does not...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxcrons.php. When parsing the user parameter, the process does not...
CVE-2020-15431
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxcrons.php. When parsing the user parameter, the process does not...
CVE-2020-15431
CVE-2020-15431 affects CentOS Web Panel (cwp-e17.0.9.8.923). The flaw is in ajax_crons.php where parsing the user parameter allows executing a system call with root privileges, enabling remote code execution without authentication. Multiple sources (including ZDI-20-748) document this as a remote...
CVE-2020-15428
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxcrons.php. When parsing the line parameter, the process does not...
CVE-2020-15428
CVE-2020-15428 affects CentOS Web Panel (cwp-e17.0.9.8.923). The flaw is in ajax_crons.php: when parsing the line parameter, user-supplied input is used to perform a system call without proper validation, allowing remote attackers to execute code with root privileges. Exploitation is unauthentica...
(0Day) CentOS Web Panel ajax_crons line Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxcrons.php. When parsing the line parameter, the process does not properly validate ...
(0Day) CentOS Web Panel ajax_crons user Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxcrons.php. When parsing the user parameter, the process does not properly validate ...