2 matches found
CVE-2020-15622
This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmailautoreply.php. When parsing the search parameter, the...
CVE-2020-15622
CVE-2020-15622 affects CentOS Web Panel (cwp-e17.0.9.8.923). The flaw is in ajax_mail_autoreply.php where unvalidated user input in the search parameter is used to construct SQL queries, enabling an unauthenticated attacker to disclose sensitive information, in the context of root. Multiple trust...