Skip to main content
CVE-2021-31324 CRITICAL POC THREAT Act Now

The unprivileged user portal part of CentOS Web Panel is affected by a Command Injection vulnerability leading to root Remote Code Execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Webpanel
NVD
CVSS 3.1
9.8
EPSS
34.1%
CVE-2021-31316 CRITICAL POC THREAT Act Now

The unprivileged user portal part of CentOS Web Panel is affected by a SQL Injection via the 'idsession' HTTP POST parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Webpanel
NVD
CVSS 3.1
9.8
EPSS
13.0%
CVE-2021-32305 CRITICAL POC PATCH THREAT Act Now

WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Command Injection Websvn
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
86.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy