4 matches found
EUVD-2020-7615
Malware in sbrugna...
Design/Logic Flaw
This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmailautoreply.php. When parsing the user parameter, the...
CVE-2020-15628
CVE-2020-15628 affects CentOS Web Panel (cwp-e17.0.9.8.923). The flaw is in ajax_mail_autoreply.php where the parameter parsing for the user input is not properly validated before being used to build SQL queries, enabling a remote SQL injection in the root context. Authentication is not required....
CVE-2020-15628
This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmailautoreply.php. When parsing the user parameter, the...