mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 15:15:46 +02:00
0xMarcio
862 B
862 B
CVE-2020-14421
Description
aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary commands via the Script Content box on the Add Cron Job screen.
POC
Reference
- http://packetstormsecurity.com/files/159575/aaPanel-6.6.6-Privilege-Escalation.html
- https://forum.aapanel.com
- https://github.com/jenaye/aapanel