CWP Control Web Panel OS Command Injection Vulnerability

CWP Control Web Panel formerly CentOS Web Panel contains an OS command Injection vulnerability that allows unauthenticated remote code execution via shell metacharacters in the ttotal parameter in a filemanager changePerm request. A valid non-root username must be known...

EUVD-2025-30324

Malicious code in bioql PyPI...

CVE-2025-48703

CWP aka Control Web Panel or CentOS Web Panel before 0.9.8.1205 allows unauthenticated remote code execution via shell metacharacters in the ttotal parameter in a filemanager changePerm request. A valid non-root username must be known...

CVE-2025-48703

CWP aka Control Web Panel or CentOS Web Panel before 0.9.8.1205 allows unauthenticated remote code execution via shell metacharacters in the ttotal parameter in a filemanager changePerm request. A valid non-root username must be known...

CVE-2025-48703

CWP aka Control Web Panel or CentOS Web Panel before 0.9.8.1205 allows unauthenticated remote code execution via shell metacharacters in the ttotal parameter in a filemanager changePerm request. A valid non-root username must be known...

Control Web Panel 操作系统命令注入漏洞

Control Web Panel is a Linux web hosting control panel. An operating system command injection vulnerability exists in Control Web Panel versions prior to 0.9.8.1205, which stems from the ttotal parameter in the filemanager changePerm request containing shell metacharacters, which could lead to...

CVE-2025-48703

CWP aka Control Web Panel or CentOS Web Panel before 0.9.8.1205 allows unauthenticated remote code execution via shell metacharacters in the ttotal parameter in a filemanager changePerm request. A valid non-root username must be known...

VulnCheck KEV: CVE-2025-48703

CWP aka Control Web Panel or CentOS Web Panel before 0.9.8.1205 allows unauthenticated remote code execution via shell metacharacters in the ttotal parameter in a filemanager changePerm request. A valid non-root username must be known...