CentOS Web Panel Operating System Command Injection Vulnerability

CentOS Web Panel CWP is a free web hosting control panel. An operating system command injection vulnerability exists in the ajaxftpmanager.php file in the CentOS Web Panel cwp-el7-0.9.8.891 release, which stems from the program failing to properly validate a system call before executing it with a...

CentOS Web Panel Code Execution Vulnerability

CentOS Web Panel CWP is a free web hosting control panel that makes it easy to manage multiple servers Dedicated and VPS without having to access the servers via SSH. A code execution vulnerability in the CentOS Web Panel cwp-e version 17.0.9.8.923, which stems from the ajaxftpmanager.php file no...

CVE-2020-15612

This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxftpmanager.php. When parsing the userLogin parameter, the process...

CVE-2020-15615

This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxftpmanager.php. The issue results from the lack of proper...

PT-2020-14538 · Centos · Centos Web Panel

Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version cwp-e17.0.9.8.923 Description: This issue allows remote attackers to execute arbitrary code on affected installations. Authentication is not required to exploit this issue. The flaw exists within the ajax ftp...