SB2020062620 - Multiple vulnerabilities in CentOS Web Panel
Published: June 26, 2020 Updated: June 30, 2020
Description
This security bulletin contains information about 39 security vulnerabilities.
1) SQL injection (CVE-ID: N/A)
The vulnerability allows a remote attacker to execute arbitrary SQL queries in the database.
The vulnerability exists due to insufficient sanitization of user-supplied data in the "user" parameter in "ajax_mail_autoreply.php". A remote attacker can send a specially crafted request to the affected application and gain access to sensitive information on the target system.
2) Command Injection (CVE-ID: N/A)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation within "ajax_ftp_manager.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
3) SQL injection (CVE-ID: N/A)
The vulnerability allows a remote attacker to execute arbitrary SQL queries in the database.
The vulnerability exists due to insufficient sanitization of user-supplied data in the "package" parameter in "ajax_list_accounts.php". A remote attacker can send a specially crafted request to the affected application and gain access to sensitive information on the target system.
4) SQL injection (CVE-ID: N/A)
The vulnerability allows a remote attacker to execute arbitrary SQL queries in the database.
The vulnerability exists due to insufficient sanitization of user-supplied data in the "status" parameter in "ajax_list_accounts.php". A remote attacker can send a specially crafted request to the affected application and gain access to sensitive information on the target system.
5) SQL injection (CVE-ID: N/A)
The vulnerability allows a remote attacker to execute arbitrary SQL queries in the database.
The vulnerability exists due to insufficient sanitization of user-supplied data in the "username" parameter in "ajax_list_accounts.php". A remote attacker can send a specially crafted request to the affected application and gain access to sensitive information on the target system.
6) SQL injection (CVE-ID: N/A)
The vulnerability allows a remote attacker to execute arbitrary SQL queries in the database.
The vulnerability exists due to insufficient sanitization of user-supplied data in the "type" parameter in "ajax_list_accounts.php". A remote attacker can send a specially crafted request to the affected application and gain access to sensitive information on the target system.
7) SQL injection (CVE-ID: N/A)
The vulnerability allows a remote attacker to execute arbitrary SQL queries in the database.
The vulnerability exists due to insufficient sanitization of user-supplied data in the "is" parameter in "ajax_list_accounts.php". A remote attacker can send a specially crafted request to the affected application and gain access to sensitive information on the target system.
8) SQL injection (CVE-ID: N/A)
The vulnerability allows a remote attacker to execute arbitrary SQL queries in the database.
The vulnerability exists due to insufficient sanitization of user-supplied data in the "email" parameter in "ajax_mail_autoreply.php". A remote attacker can send a specially crafted request to the affected application and gain access to sensitive information on the target system.
9) SQL injection (CVE-ID: N/A)
The vulnerability allows a remote attacker to execute arbitrary SQL queries in the database.
The vulnerability exists due to insufficient sanitization of user-supplied data in the "search" parameter in "ajax_mail_autoreply.php". A remote attacker can send a specially crafted request to the affected application and gain access to sensitive information on the target system.
10) Path traversal (CVE-ID: N/A)
The vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to an input validation error when processing directory traversal sequences in the "archivo" parameter in "ajax_mod_security.php". A remote attacker can send a specially crafted HTTP request and execute arbitrary code on the system.
11) SQL injection (CVE-ID: N/A)
The vulnerability allows a remote attacker to execute arbitrary SQL queries in the database.
The vulnerability exists due to insufficient sanitization of user-supplied data in the "domain" parameter in "ajax_new_account.php". A remote attacker can send a specially crafted request to the affected application and gain access to sensitive information on the target system.
12) SQL injection (CVE-ID: N/A)
The vulnerability allows a remote attacker to execute arbitrary SQL queries in the database.
The vulnerability exists due to insufficient sanitization of user-supplied data in the "username" parameter in "ajax_add_mailbox.php". A remote attacker can send a specially crafted request to the affected application and gain access to sensitive information on the target system.
13) SQL injection (CVE-ID: N/A)
The vulnerability allows a remote attacker to execute arbitrary SQL queries in the database.
The vulnerability exists due to insufficient sanitization of user-supplied data in the "term" parameter in "ajax_dashboard.php". A remote attacker can send a specially crafted request to the affected application and gain access to sensitive information on the target system.
14) SQL injection (CVE-ID: N/A)
The vulnerability allows a remote attacker to execute arbitrary SQL queries in the database.
The vulnerability exists due to insufficient sanitization of user-supplied data in the "account" parameter in "ajax_mail_autoreply.php". A remote attacker can send a specially crafted request to the affected application and gain access to sensitive information on the target system.
15) Command Injection (CVE-ID: CVE-2020-15608)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in the "ai_service" parameter in "ajax_dashboard.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
16) Command Injection (CVE-ID: CVE-2020-15609)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in the "service_stop" parameter in "ajax_dashboard.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
17) Command Injection (CVE-ID: CVE-2020-15610)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in the "modulo" parameter in "ajax_php_pecl.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
18) Command Injection (CVE-ID: CVE-2020-15611)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in the "service_restart" parameter in "ajax_dashboard.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
19) Command Injection (CVE-ID: CVE-2020-15612)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in the "userLogin" parameter in "ajax_ftp_manager.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
20) Command Injection (CVE-ID: CVE-2020-15613)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in the "line" parameter in "ajax_admin_apis.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
21) Command Injection (CVE-ID: CVE-2020-15614)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in the "cha" parameter in "ajax_php_pecl.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
22) Command Injection (CVE-ID: CVE-2020-15420)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in the "line" parameter in "loader_ajax.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
23) Command Injection (CVE-ID: CVE-2020-15421)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in the "check_ip" parameter in "ajax_mod_security.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
24) Command Injection (CVE-ID: CVE-2020-15422)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in the "archivo" parameter in "ajax_mod_security.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
25) Command Injection (CVE-ID: CVE-2020-15423)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in the "dominio" parameter in "ajax_mod_security.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
26) Command Injection (CVE-ID: CVE-2020-15424)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in the "domain" parameter in "ajax_mod_security.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
27) Command Injection (CVE-ID: CVE-2020-15425)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in "ajax_mod_security.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
28) Command Injection (CVE-ID: CVE-2020-15426)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in the "serverip" parameter in "ajax_migration_cpanel.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
29) Command Injection (CVE-ID: CVE-2020-15427)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in the "folderName" parameter in "ajax_disk_usage.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
30) Command Injection (CVE-ID: CVE-2020-15428)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in the "line" parameter in "ajax_crons.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
31) Command Injection (CVE-ID: CVE-2020-15429)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in the "user" parameter in "ajax_crons.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
32) Command Injection (CVE-ID: CVE-2020-15430)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in the "username" parameter in "ajax_list_accounts.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
33) Command Injection (CVE-ID: CVE-2020-15431)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in the "user" parameter in "ajax_crons.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
34) Command Injection (CVE-ID: CVE-2020-15432)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in the "filespace" parameter in "ajax_migration_cpanel.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
35) Command Injection (CVE-ID: CVE-2020-15433)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in the "phpversion" parameter in "ajax_php_pecl.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
36) Command Injection (CVE-ID: CVE-2020-15434)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in the "canal" parameter in "ajax_php_pecl.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
37) Command Injection (CVE-ID: CVE-2020-15435)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in the "service_start" parameter in "ajax_dashboard.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
38) Command Injection (CVE-ID: CVE-2020-15606)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in "ajax_admin_apis.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
39) Command Injection (CVE-ID: CVE-2020-15607)
The vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input validation in the "line" parameter in "ajax_admin_apis.php". A remote attacker can send specially crafted data and execute arbitrary commands on the target system.
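As an added example (not part of this bulletin and not vendor code), a small access-log check keyed on the endpoint and parameter names listed in the entries above, so a defender can spot requests that target those parameters with shell, SQL or traversal metacharacters. It assumes Common Log Format lines and a constructed /admin/ path prefix (only the script name is matched); the sample lines are constructed, not captured.

```python
import re
from urllib.parse import parse_qs, urlsplit
# Endpoint -> parameters the bulletin names as command-injection sinks.
CMD_INJ = {
    "ajax_dashboard.php": {"ai_service", "service_stop", "service_restart", "service_start"},
    "ajax_php_pecl.php": {"modulo", "cha", "phpversion", "canal"},
    "ajax_ftp_manager.php": {"userLogin"},
    "ajax_admin_apis.php": {"line"},
    "loader_ajax.php": {"line"},
    "ajax_mod_security.php": {"check_ip", "archivo", "dominio", "domain"},
    "ajax_migration_cpanel.php": {"serverip", "filespace"},
    "ajax_disk_usage.php": {"folderName"},
    "ajax_crons.php": {"line", "user"},
    "ajax_list_accounts.php": {"username"},
}
# Endpoint -> parameters the bulletin names as SQL-injection sinks.
SQL_INJ = {
    "ajax_mail_autoreply.php": {"user", "email", "search", "account"},
    "ajax_list_accounts.php": {"package", "status", "username", "type", "is"},
    "ajax_new_account.php": {"domain"},
    "ajax_add_mailbox.php": {"username"},
    "ajax_dashboard.php": {"term"},
}
SHELL_META = re.compile(r"[;|&`$\n]")                # shell separators / substitution
SQL_META = re.compile(r"'|--|/\*|\bunion\b", re.I)   # common SQL breakout tokens
REQ = re.compile(r'"(?P<method>[A-Z]+) (?P<url>\S+) HTTP/')  # request field of a CLF line

def classify(log_line):
    """Return (finding, endpoint, parameter) tuples for one access-log line (query string only; POST bodies are not logged)."""
    m = REQ.search(log_line)
    if not m:
        return []
    url = urlsplit(m.group("url"))
    script = url.path.rsplit("/", 1)[-1]          # match on the script name, not the prefix
    findings = []
    for name, values in parse_qs(url.query, keep_blank_values=True).items():
        for v in values:                           # parse_qs has already percent-decoded v
            if name in CMD_INJ.get(script, ()) and SHELL_META.search(v):
                findings.append(("command-injection", script, name))
            if name in SQL_INJ.get(script, ()) and SQL_META.search(v):
                findings.append(("sql-injection", script, name))
            if script == "ajax_mod_security.php" and name == "archivo" and "../" in v:
                findings.append(("path-traversal", script, name))
    return findings

# Constructed sample lines (assumed /admin/ prefix); values carry only the metacharacter of interest.
SAMPLE_LOG = [
    '203.0.113.5 - - [26/Jun/2020:10:00:02 +0000] "GET /admin/ajax_dashboard.php?service_start=httpd%3Bx HTTP/1.1" 200 51',
    '203.0.113.5 - - [26/Jun/2020:10:00:03 +0000] "GET /admin/ajax_list_accounts.php?username=bob%27 HTTP/1.1" 200 51',
    '203.0.113.5 - - [26/Jun/2020:10:00:04 +0000] "GET /admin/ajax_mod_security.php?archivo=..%2F..%2Fx HTTP/1.1" 200 51',
]
```

Run `classify` over each line of an access log; a hit names the bulletin entry's endpoint and parameter, which is enough to tie the alert back to the item above.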
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.