Vulnerability Details CVE-2020-28657
In bPanel 2.0, the administrative ajax endpoints (aka ajax/aj_*.php) are accessible without authentication and allow SQL injections, which could lead to platform compromise.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References