20 matches found
EUVD-2020-7418
Malware in sbrugna...
EUVD-2020-7416
Malware in sbrugna...
EUVD-2020-7415
Malware in sbrugna...
CVE-2020-15423
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmodsecurity.php. When parsing the dominio parameter, the process...
CVE-2020-15425
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmodsecurity.php. The issue results from the lack of proper...
CVE-2020-15421
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmodsecurity.php. When parsing the checkip parameter, the process...
CentOS Web Panel Code Issue Vulnerability
CentOS Web Panel CWP is a free web hosting control panel. A code issue vulnerability exists in the ajaxmodsecurity.php file in CentOS Web Panel cwp-e version 17.0.9.8.923, which stems from not properly validating user-supplied paths. An attacker could exploit the vulnerability to execute code...
CVE-2020-15623
This vulnerability allows remote attackers to write arbitrary files on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmodsecurity.php. When parsing the archivo parameter, the process...
CVE-2020-15424
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmodsecurity.php. When parsing the domain parameter, the process...
CVE-2020-15421
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmodsecurity.php. When parsing the checkip parameter, the process...
CVE-2020-15425
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmodsecurity.php. The issue results from the lack of proper...
CVE-2020-15425
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmodsecurity.php. The issue results from the lack of proper...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmodsecurity.php. When parsing the domain parameter, the process...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmodsecurity.php. The issue results from the lack of proper...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmodsecurity.php. When parsing the dominio parameter, the process...
CVE-2020-15623
CVE-2020-15623 affects CentOS Web Panel (CWP) cwp-e17.0.9.8.923 where the ajax_mod_security.php component parses the archivo parameter without proper path validation, allowing remote attackers to write arbitrary files and potentially execute code as root. This is a network-based, unauthenticated ...
CVE-2020-15425
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmodsecurity.php. The issue results from the lack of proper...
CVE-2020-15422
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmodsecurity.php. When parsing the archivo parameter, the process...
CVE-2020-15423
CVE-2020-15423 affects CentOS Web Panel (cwp-e17.0.9.8.923). The vulnerability is in ajax_mod_security.php where parsing the dominio parameter allows an attacker to bypass validation and execute a system call, yielding remote code execution with root privileges. Multiple connected sources corrobo...
CVE-2020-15421
CVE-2020-15421 affects CentOS Web Panel (cwp-e17.0.9.8.923); the vulnerability resides in ajax_mod_security.php during parsing of the check_ip parameter, where user-supplied input is used to form a system call without proper validation, enabling remote code execution as root. Multiple sources (in...