2 matches found
CVE-2020-15432
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmigrationcpanel.php. When parsing the filespace parameter, the...
CVE-2020-15432
The CVE-2020-15432 entry affects CentOS Web Panel (CWP) software, specifically cwp-e17.0.9.8.923. The underlying issue is in ajax_migration_cpanel.php where the filespace parameter is not properly validated before use in a system call, enabling remote code execution with root privileges and no au...