2 matches found
CVE-2020-15424
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmodsecurity.php. When parsing the domain parameter, the process...
CVE-2020-15424
This CVE (CVE-2020-15424) affects CentOS Web Panel (cwp-e17.0.9.8.923). The flaw is in ajax_mod_security.php when parsing the domain parameter, where unvalidated user input is used to execute a system call, allowing remote code execution as root without authentication. Documented impact mirrors Z...