4 matches found
CVE-2020-15429
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxcrons.php. When parsing the user parameter, the process does not...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxcrons.php. When parsing the user parameter, the process does not...
CVE-2020-15429
CVE-2020-15429 affects CentOS Web Panel (cwp-e17.0.9.8.923). A flaw in ajax_crons.php allows remote command injection: when parsing the user parameter, the code does not properly validate the string before using it in a system call, enabling arbitrary code execution with root privileges. Authenti...
CVE-2020-15429
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxcrons.php. When parsing the user parameter, the process does not...