Security Advisory

CVE-2020-28657

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-03-02 18:10:38

Last updated 2024-08-04 16:40:59

Assigner mitre

State PUBLISHED

Description

In bPanel 2.0, the administrative ajax endpoints (aka ajax/aj_*.php) are accessible without authentication and allow SQL injections, which could lead to platform compromise.

← Browse all CVEs View on cve.org ↗