CentOS Web Panel 0.9.8.740 Root Account Takeover / Command Execution
Posted on 07 November 2018
CentOS Web Panel versions 0.9.8.740 and below suffer from cross site request forgery and cross site scripting vulnerabilities that can be leveraged to achieve remote root command execution.
