22 matches found
CVE-2020-15435
The CVE-2020-15435 issue affects CentOS Web Panel (cwp-e17.0.9.8.923). The vulnerability is in ajax_dashboard.php where parsing the service_start parameter allows an attacker to construct a system call, enabling remote code execution with root privileges. It is exploitable remotely without authen...
(0Day) CentOS Web Panel ajax_dashboard service_stop Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxdashboard.php. When parsing the servicestop parameter, the process does not properl...