CVE-2018-7308
CVE-2018-7308 affects DanWin hosting (var/www/html/files.php) up to 2018-02-11. The vulnerability is a cross-site request forgery (CSRF) that lets arbitrary remote users add/delete/modify files in any hosting account. Root cause is CSRF in the affected script; no exploitation details are provided...