Control Web Panel
WebPanel => CentOS-WebPanel Bugs => Topic started by: become on November 14, 2017, 05:29:07 PM
-
There is BIG WHOLE in CWP.
username: user123
This User add a domain for example "domain.com"
He need to enter path
Path is starting with /home/USERNAME
but user can ommit starting slash / from input
if he enter "domain" as path
CWP create path /home/user123domain
but this should be:
/home/user123/domain
This is totally insecured
-
don't see that issue its probably some old issue.
-
It was fixed with last CWP update (new theme). I will check it with addon hacking test ;)