Lucene search
K

4 matches found

NVD
NVD
added 2020/07/28 5:15 p.m.24 views

CVE-2020-15617

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxlistaccounts.php. When parsing the status parameter, the...

7.8CVSS7.5AI score0.0383EPSS
Exploits0References1
Prion
Prion
added 2020/07/28 5:15 p.m.14 views

Design/Logic Flaw

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxlistaccounts.php. When parsing the status parameter, the...

7.8CVSS7.5AI score0.0383EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/07/28 5:1 p.m.29 views

CVE-2020-15617

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxlistaccounts.php. When parsing the status parameter, the...

7.5CVSS7.5AI score0.0383EPSS
Exploits0References1
CVE
CVE
added 2020/07/28 5:1 p.m.46 views

CVE-2020-15617

CVE-2020-15617 affects CentOS Web Panel (cwp-e17.0.9.8.923). The vulnerability is a SQL injection in ajax_list_accounts.php where the status parameter is not properly validated before being used in queries, enabling remote disclosure of sensitive information with no authentication. This is docume...

7.8CVSS7.5AI score0.0383EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder