3 matches found
CVE-2020-15421
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmodsecurity.php. When parsing the checkip parameter, the process...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmodsecurity.php. When parsing the checkip parameter, the process...
CVE-2020-15421
CVE-2020-15421 affects CentOS Web Panel (cwp-e17.0.9.8.923); the vulnerability resides in ajax_mod_security.php during parsing of the check_ip parameter, where user-supplied input is used to form a system call without proper validation, enabling remote code execution as root. Multiple sources (in...